Hello,
I have a fairly simple question that I can't seem to get an answer on,
or not looking in the right place.
I have APF(firewall) installed on a server and have configured a number
of rules to drop certain hosts silently.
The question I have, does "tcpdump" see the packets coming in before the
firewall rules are applied or after the firewall rules are applied?
The reason I am asking this is because when I look at "tcpdump" I still
see packets coming in from certain IPs that have been added in as "DROP"
silently in APF. I have done all the configuration changes and
restarted the service to make sure everything is active from the new
configs with APF.
I want to make sure the packets are actually getting dropped or somehow
is the configuration still letting packets through!
Thanks for your time,
Michael
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
