ipfw dynamic tcp rule issue
Ian FREISLICH
if at hetzner.co.za
Tue Sep 7 00:19:58 PDT 2004
George S wrote:
> Hello all,
>
> I've been having some trouble with this strange ipfw configuration and I am
> pretty sure it is probably a bug. I posted a note to freebsd-ipfw a little
> while ago, but I think the problem is better demonstrated with a figure.
Are you sure that you perormed the test you described and the results
(count updated etc) actually occured? I would expect rule 9 to
catch the packet on its way back and rule 11 never to be triggered.
Maybe rule 9 should be a checkstate rule.
Ian
--
Ian Freislich
More information about the freebsd-net
mailing list