** Reply to note from Andrey Simonenko <[EMAIL PROTECTED]> Thu, 13 Feb 2003
11:23:16 +0200 (EET)
> If the counter of some IPFW rule is always 0, then this means that this
> rule is not reached (you are right here).
So rule 2000 (deny) was not reached.
> After "count" rule the search
> continues with the next rule (with the same number or with the next number,
> at least this is true for IPFW1, check it).
This is what I thought, but apparently, either I'm missing something weird or it
didn't work like that.
> You should find "allow" rule before "deny" rule which allows some traffic.
I'm really sure there wasn't any. I don't have the system here available now, but I'm
sure rules 1001-1255 were counting
traffic (and worked, as seen with ipfw -a l) and next was 2000 which should have
denied, but it's counters were 0.
bye & Thanks
av.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
