BIND-8/9 interface bug? Or is it FreeBSD?
Barney Wolff
barney at pit.databus.com
Fri Apr 18 21:30:57 PDT 2003
On Fri, Apr 18, 2003 at 04:52:14PM -0700, Jeremy Chadwick wrote:
> Since when? :-) That wouldn't make very much sense, and
> would be extremely misleading for network administrators.
> bpf should have the highest priority, well above ipfw.
>
> I just verified that fact with a test: blocking any telnet I/O
> across my public interface and telnetting in from my home
> workstation:
You didn't listen to the answer: bpf is closer to the driver than ipfw,
so it will see inbound packets that ipfw will block, but not see outbound
packets that ipfw has already blocked.
--
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
More information about the freebsd-net
mailing list