On Tue, Aug 02, 2005 at 09:51:45PM -0300, AT Matik wrote: ... > even if I agree to your logic aspect in general I thought > > out and xmit is probably exactly the same still especially as you set > src-ip and dst-ip so the interface where this packages are xmit is > defined by the routes
> > localhost normally runs on lo0 which is an interface as any other > > so which ghost packages you try to catch here? there are internally generated packets which do not have a rcvif (which is what really 'recv' means); and any packet in the input path does not have an output-if (which is wht really 'xmit' means). so "out" and "xmit any" are the same thing (and "in" is "not out" so the same as "not xmit any"), assuming there is a route for the destination (but otherwise i believe the packet is dropped before reaching the firewall), but i cannot find a synonim for "recv any" cheers luigi _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[EMAIL PROTECTED]"
