ipfw lost its mind?

Subhro subhro.kar at gmail.com
Thu Mar 3 12:26:58 PST 2005



> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org [mailto:owner-freebsd-questions at freebsd.org] On Behalf Of Paul Schmehl
> Sent: Friday, March 04, 2005 1:51
> To: 'FreeBSD questions'
> Subject: RE: ipfw lost its mind?
> 
> --On Friday, March 04, 2005 01:21:11 AM +0530 Subhro <subhro.kar at gmail.com> wrote:
> 
> > Do you block UDP?
> 
> First question would be - which direction?

Incoming.

> 
> I allow udp *to* port 53.  I allow *ip* outgoing, so any response to a dns
> request would be answered.

Not relevant, as far as my knowledge goes.

> Even though it doesn't make sense to me.  If my *first* rule is "allow ip
> from x.x.x.x/32 to {server}" and I also have a rule that says "allow ip
> from {server} to any", then I can't imagine why a restriction on udp would
> interfere with that since "ip" includes both tcp and udp.

That's a point. If this is the case, i.e. you are using "ip" then tcp/udp
makes no difference. Did you lately do any builds or partial builds of the
source tree?


Indian Institute of Information Technology
Subhro Sankha Kar
Block AQ-13/1, Sector V
Salt Lake City
PIN 700091
India