ipfw delete 100-300
Alexander V. Chernikov
melifaro at ipfw.ru
Thu Aug 13 15:20:44 UTC 2015
13.08.2015, 18:19, "Julian Elischer" <julian at freebsd.org>:
> On 8/13/15 10:41 PM, Ian Smith wrote:
>> On Thu, 13 Aug 2015 16:30:15 +0200, Luigi Rizzo wrote:
>> > On Thu, Aug 13, 2015 at 4:00 PM, Ian Smith <smithi at nimnet.asn.au> wrote:
>> > > On Thu, 13 Aug 2015 12:24:31 +0800, Julian Elischer wrote:
>> > > > BTW, any ideas as to what causes this?
>> > > > # ipfw show
>> > > > [...]
>> > > > 00400 0 0 deny ip from 10.12.1.0/24 to any in recv
>> > > > xn0
>> > > > 00500 0 16045693110842147038 deny ip from 204.109.63.0/25 to any in recv
>> > > > xn1
>> > > > 00600 0 0 allow ip from any to any in recv xn1
>> > > > [...]
>> > > > 65535 8251 16045693110842147290 deny ip from any to any
>> > > >
>> > > >
>> > > > -current as of the 5th of august
>> > > > FreeBSD vps1.elischer.org 11.0-CURRENT FreeBSD 11.0-CURRENT #1 r286304: Wed
>> > > > Aug 5 14:31:10 PDT 2015
>> > > > root at vps1.elischer.org:/usr/obj/usr/src-current/sys/VPS1 i386
>> > > >
>> > > > note i386, not amd64.
>> > >
>> > > Assuming all digits were shown, on a wild hunch:
>> > >
>> > > t23% echo 'scale=20; 2^64 - 16045693110842147038' | bc
>> > > 2401050962867404578
>> > > t23% echo 'scale=20; 2^63 - 16045693110842147038' | bc
>> > > -6822321073987371230
>> > >
>> >
>> > bc
>> > obase=16
>> > 16045693110842147038
>> > DEADC0DEDEADC0DE
>> >
>> > so... somehow pointing in a bad place.
>>
>> Ah, quite so .. and rule 65535 looks like a slightly worse place.
>>
>> t23% echo 'obase=16; 16045693110842147290' | bc
>> DEADC0DEDEADC1DA
>
> that's deadcode when it's had some packets added to it :-)
>
> I think our friend Mr Chernikov may have tripped up over something..
Well, I'll take a look on it when I setup an i386 vm :)
Not easy to find one these days..
>
>> thanks, Ian
More information about the freebsd-ipfw
mailing list