Displaying 1 result from an estimated 1 matches for "wildside".
2008 Jul 29
3
ipfw "bug" - recv any = not recv any
...ays to solve this in ipfw2 (tagging, for one), but
the issue is that there is at least one "reasonable" application for the
phrase and that the behavior is not what one might expect, in a
potentially dangerous way.
To replicate
============
1) Identify a "blank" rule
[root@wildside /etc/firewall]# ipfw list 20000
ipfw: rule 20000 does not exist
2) create a rule that does not modify traffic, but logs matches, using
"not recv any"
[root@wildside /etc/firewall]# ipfw add 20000 count all from any to any
out not recv any
20000 count ip from any to any out
2a) Expect...