I got the following output from "ipfw show" in my daily security run output 
email.

+++ /tmp/security.yri47lgA      Mon Dec 12 03:01:45 2005
+00522  3530 1204158 deny ip from 10.0.0.0/8 to any via sis1
+02522    18     784 deny tcp from any to any in via sis1 setup
+65530     0       0 deny ip from any to any
+65535     2     688 deny ip from any to any

Could somebody please explain to me how those packets got past rule 65530 to be 
stopped by (the identical) rule 65535? The ipfw rules have not changed since 
the machine rebooted. The only explanation I have is that the packets arrived 
between the time when the machine started accepting incoming packets and when 
the rules were loaded in /etc/rc.d/ipfw.

If that's the case, it's a pretty good argument for defaulting to rejecting 
packets. Didn't somebody here suggest that this wasn't really necessary a few 
weeks ago (something to do with using pf)?

Graham
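As an added example (not part of Graham's post and not FreeBSD's own tooling), here is a small Python checker for the `ipfw show` counter format quoted above. It parses rule number, packet and byte counters, action and body, and then applies the reasoning from the question as an automated check: if the kernel's built-in default rule 65535 has accumulated hits while an earlier rule with the identical match body has none, the packets must have been evaluated at a time when the earlier rule was not loaded (for example between interface up and the `/etc/rc.d/ipfw` run at boot). The sample input is the four diff lines from the post, and the leading `+` diff marker is an assumption about how the security-run output arrives.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample: the counter lines from the daily security run diff
# quoted above, kept with their leading '+' diff marker so the parser
# shows it being stripped.
SAMPLE = """\
+00522  3530 1204158 deny ip from 10.0.0.0/8 to any via sis1
+02522    18     784 deny tcp from any to any in via sis1 setup
+65530     0       0 deny ip from any to any
+65535     2     688 deny ip from any to any
"""

# Rule 65535 is compiled into the FreeBSD kernel and exists before any
# ruleset is loaded; it cannot be deleted by the rc script.
KERNEL_DEFAULT_RULE = 65535


class Rule(NamedTuple):
    number: int
    packets: int
    bytes: int
    action: str
    body: str  # everything after the action, e.g. "ip from any to any"


# Optional diff marker, 5-digit rule number, packet count, byte count,
# action word, rest of rule.  Lines that do not match (headers, blank) are skipped.
LINE_RE = re.compile(r"^\+?(\d+)\s+(\d+)\s+(\d+)\s+(\S+)\s+(.*)$")


def parse_ipfw_show(text: str) -> List[Rule]:
    """Parse 'ipfw show' (or a diff of it) into Rule records, in listed order."""
    rules: List[Rule] = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        rules.append(Rule(int(m[1]), int(m[2]), int(m[3]), m[4], m[5].strip()))
    return rules


def default_rule_hits(rules: List[Rule]) -> int:
    """Packets counted on the kernel default rule (0 if it is not listed)."""
    for r in rules:
        if r.number == KERNEL_DEFAULT_RULE:
            return r.packets
    return 0


def shadowed_catchall(rules: List[Rule]) -> Optional[Tuple[int, int, int]]:
    """Detect the anomaly from the post.

    Returns (earlier_rule, default_rule, packets) when the kernel default
    rule has hits but an earlier rule with the same action and body has
    none; those packets were evaluated while the earlier rule was absent,
    which at boot means before the ruleset was loaded.  Returns None when
    nothing is suspicious.
    """
    default = next((r for r in rules if r.number == KERNEL_DEFAULT_RULE), None)
    if default is None or default.packets == 0:
        return None
    for r in rules:
        if (r.number < KERNEL_DEFAULT_RULE
                and r.action == default.action
                and r.body == default.body
                and r.packets == 0):
            return (r.number, default.number, default.packets)
    return None


if __name__ == "__main__":
    parsed = parse_ipfw_show(SAMPLE)
    finding = shadowed_catchall(parsed)
    if finding:
        earlier, default, pkts = finding
        print(f"{pkts} packet(s) hit rule {default} but identical earlier "
              f"rule {earlier} saw none: traffic was evaluated before the "
              f"ruleset was loaded")
    else:
        print("no default-rule anomaly")
```

Running this over the sample reports 2 packets that reached rule 65535 past an unused identical rule 65530. A non-zero count on the default rule is worth alerting on in a daily run regardless, since whether the kernel default is deny or accept depends on how the kernel was built, and anything it counts is traffic the loaded ruleset never saw.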

_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable