Technical Director wrote:

On Mon, 25 Aug 2003, Technical Director wrote:



INSERT_YOUR_FW_RULE_FOR_ICMP_BLOCK is the rule ID Number. #### below is it
as well... :)

##### 0 2300 deny icmp from any to me via ed0

Just to clarify.


Thanks for the response.

Yep, that's the rule and it does have counters.

In your previous e-mail you were asking about the order of packet processing and that's what I'm trying to figure out as well. I figure that the firewall should block the traffic first so as to prevent ruled traffic from coming in and then, in my thinking, snort shouldn't see it.

Hopefully somebody might have an explanation with the why's and how comes one way or the other.

[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to