https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238694
--- Comment #7 from Rodney W. Grimes <[email protected]> --- (In reply to karl from comment #6) I agree Karl, one does have to be very careful when hand crafting there own firewall. Most of mine do in fact use the simple flush, but there are other techniques, such as load the set of rules into a known empty set and do a set flip, complicated state management that knows how to incrementally remove and add the proper sequence of rules, etc. I think the reason so very few reports exist about this bug is that we have 2 ways to cause an external script to load, setting firewall_type="/path/to/file" and firewall_script="/path/to/file". The second form always works exactly as we (we being I think all of us) expected it to, however the former now has this wart that we get the, by my claim fake, loopback stuff. It is this wart that is at issue and we should solve that so the behavior of firewall_script= and firewall_type=path are exactly the same. Can I get an agreement on that point? -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[email protected]"
