*BSD News Article 67294


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.cs.su.oz.au!metro!metro!asstdc.scgt.oz.au!nsw.news.telstra.net!act.news.telstra.net!vic.news.telstra.net!news.mira.net.au!inquo!in-news.erinet.com!bug.rahul.net!rahul.net!a2i!ns2.mainstreet.net!news.us.world.net!news.aus.world.net!shellbne.bluesky.net.au!matt
From: matt@shellbne.bluesky.net.au (Matt Carter)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: ipfw (ip firewall/accounting)
Date: 1 May 1996 04:26:13 GMT
Organization: AUSNet Services pty. ltd.
Lines: 27
Message-ID: <4m6p55$k43@sydney1.world.net>
NNTP-Posting-Host: shellbne.bluesky.net.au
X-Newsreader: TIN [version 1.2 PL2]

okay heres my problem

              
                 techbne02-----\ /----shellbne
                                |/
outsideworld--------router-----hub-----bluesky1
                                |\   
                 techbne01-----/ \----accbne01
                  
okay - now everything past and including the router are all on the same 
subnet and since they are on the same hub hence the same network. ipfw 
works fine except for one slight problem. 
   
shellbne is the freebsd machine running ipfw . if i tell it to filter and    
logreject all icmp packets from anywhere 0.0.0.0/0 to our subnet
203.21.76.0/24 then if i'm not mistaken it should drop packets for any of    
the above hosts, except for the router? why does it only drop packets for    
itself and no other hosts when the other hosts are on a direct network    
and only 1 hop away ?
  
--
//////////////////////////////////////////////////////////////////////////////
Matt Carter, BlueSky OPC Pty. Ltd.
Phone: +61 (07) 3344-5779, FAX: +61 (07) 3344-5739
E-mail: matt@BlueSky.net.au
WWW: http://www.BlueSky.net.au
//////////////////////////////////////////////////////////////////////////////