[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ipfilter in openbsd 2.4

To: tech@openbsd.org
Subject: ipfilter in openbsd 2.4
From: Tomaz Borstnar <tomaz.borstnar@over.net>
Date: Tue, 16 Mar 1999 00:51:32 +0100
Cc: avalon@coombs.anu.edu.au

Hello!

	I have OpenBSD -current from end of October 98 and kernel from 9.12.1998
running on sparc 20. I was wondering how it is possible for tcpdump to
still see icmp messages if they're blocked:

block out proto icmp from any to any
block in proto icmp from any to any

ipfstat -i /-o doesn't show any other filter related to icmp. If I ping
this host I can see echo requests, but get no replies. Is machine somehow
still accepting packets and act upon them or not?

Is this feature or bug? Did I miss something important while RTFM-ing? How
can I be sure my filter are working? 

Thanks in advance.


Tomaz

p.s.
Which version of ipfilter is in latest sources of OpenBSD?


----
Tomaz Borstnar <tomaz.borstnar@over.net>
"Love is the answer to the final question you ask" - Unknown

Follow-Ups:
- Re: ipfilter in openbsd 2.4
  - From: Theo de Raadt <deraadt@cvs.openbsd.org>
- Re: ipfilter in openbsd 2.4
  - From: Kjell Wooding <kwooding@codetalker.com>

References:
- mac68k snapshot
  - From: Bob Beck <beck@bofh.ucs.ualberta.ca>

Prev by Date: mac68k snapshot
Next by Date: Re: ipfilter in openbsd 2.4
Prev by thread: mac68k snapshot
Next by thread: Re: ipfilter in openbsd 2.4
Index(es):
- Date
- Thread