** Reply to note from Andrey Simonenko <[EMAIL PROTECTED]> Thu, 13 Feb 2003 
11:23:16 +0200 (EET)


> If the counter of some IPFW rule is always 0, then this means that this 
> rule is not reached (you are right here).

So rule 2000 (deny) was not reached.


> After "count" rule the search 
> continues with the next rule (with the same number or with the next number, 
> at least this is true for IPFW1, check it).

This is what I thought, but apparently, either I'm missing something weird or it 
didn't work like that.



> You should find "allow" rule before "deny" rule which allows some traffic.

I'm really sure there wasn't any. I don't have the system here available now, but I'm 
sure rules 1001-1255 were counting
traffic (and worked, as seen with ipfw -a l) and next was 2000 which should have 
denied, but it's counters were 0.

 bye & Thanks
        av.




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Reply via email to