On Monday 02 June 2003 18:02, Gary Aitken wrote:
> I was considering turning on bridging, which requires the final ipfw
> rule to be allow, not deny.
> So I added a deny rule at 65534, but temporarily left the default deny
> rule in place in the kernel.
>
> Interestingly, my log shows the following:
>
> 65534 582 58547 deny ip from any to any
>
> 65535 3 234 deny ip from any to any
>
> This looks like an impossible situation, since the last 3 should have been
> caught by the previous rule.

I think they got caught in the split second between the time of flushing out all rules and loading a new ruleset. At that time 65535 was the only rule in the ruleset and 3 packets must have reached your machine...

grtz, Daan
