On Sun, 14 Apr 2013 10:34:06 -0700, Michael Sierchio wrote: > On Sun, Apr 14, 2013 at 10:26 AM, Ian Smith <[email protected]> wrote: > > > 'allow ip' aka 'allow all' doesn't usually take a port number, which > > applies only to tcp and udp. > > It does in ipfw - in which case it means ( udp | tcp )
You're quite right, and my assumption that it would also permit icmp was quite wrong, after a quick test. Which appears to leave the bypassed divert not working with rx/txcsum the only viable suspect. The ruleset is otherwise 'out of the box'. Does anyone know whether this is an issue with libalias(3) generally - in which case using nat instead of divert shouldn't help - or just with natd in particular? cheers, Ian _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[email protected]"
