Re: problem on ipfw using mac addresses
Thanks Andrey and Paul for your useful help. It works fine now. Thank you again. On Wed, Jul 4, 2012 at 7:13 PM, Paul A. Procacci wrote: > Have you set net.link.ether.ipfw? > > ~Paul > > On Wed, Jul 04, 2012 at 05:34:04PM +0430, h bagade wrote: > > Hi all, > > > > I have a problem using ipfw firewall. I have a topology connected as > below: > > > > A(192.168.1.55) - (192.168.1.1)my_sys(192.168.2.1) > > ---(192.168.2.12)B > > > > I've set the rule "ipfw add 1 deny icmp from any to any" on my_sys, which > > works correctly. I can't ping from A to B by the rule. Then I've added > mac > > part to the rule as the format of "ipfw add 1 deny icmp from any to any > ma > > any any" which seems the same as before but after that I could ping the B > > from A. > > What's the reason? I'm really confused with what I saw! Is it a bug? > > > > Any hints or suggestions are really appreciated. > > ___ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" > > > > This message may contain confidential or privileged information. If you > are not the intended recipient, please advise us immediately and delete > this message. See http://www.datapipe.com/legal/email_disclaimer/ for > further information on confidentiality and the risks of non-secure > electronic communication. If you cannot access these links, please notify > us by reply message and we will send the contents to you. > ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: problem on ipfw using mac addresses
Have you set net.link.ether.ipfw? ~Paul On Wed, Jul 04, 2012 at 05:34:04PM +0430, h bagade wrote: > Hi all, > > I have a problem using ipfw firewall. I have a topology connected as below: > > A(192.168.1.55) - (192.168.1.1)my_sys(192.168.2.1) > ---(192.168.2.12)B > > I've set the rule "ipfw add 1 deny icmp from any to any" on my_sys, which > works correctly. I can't ping from A to B by the rule. Then I've added mac > part to the rule as the format of "ipfw add 1 deny icmp from any to any ma > any any" which seems the same as before but after that I could ping the B > from A. > What's the reason? I'm really confused with what I saw! Is it a bug? > > Any hints or suggestions are really appreciated. > ___ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" This message may contain confidential or privileged information. If you are not the intended recipient, please advise us immediately and delete this message. See http://www.datapipe.com/legal/email_disclaimer/ for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: problem on ipfw using mac addresses
On 04.07.2012 17:04, h bagade wrote: > Hi all, > > I have a problem using ipfw firewall. I have a topology connected as below: > > A(192.168.1.55) - (192.168.1.1)my_sys(192.168.2.1) > ---(192.168.2.12)B > > I've set the rule "ipfw add 1 deny icmp from any to any" on my_sys, which > works correctly. I can't ping from A to B by the rule. Then I've added mac > part to the rule as the format of "ipfw add 1 deny icmp from any to any ma > any any" which seems the same as before but after that I could ping the B > from A. > What's the reason? I'm really confused with what I saw! Is it a bug? > > Any hints or suggestions are really appreciated. Please, read the ipfw(4) manual page about the sysctl variable net.link.ether.ipfw. -- WBR, Andrey V. Elsukov ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
problem on ipfw using mac addresses
Hi all, I have a problem using ipfw firewall. I have a topology connected as below: A(192.168.1.55) - (192.168.1.1)my_sys(192.168.2.1) ---(192.168.2.12)B I've set the rule "ipfw add 1 deny icmp from any to any" on my_sys, which works correctly. I can't ping from A to B by the rule. Then I've added mac part to the rule as the format of "ipfw add 1 deny icmp from any to any ma any any" which seems the same as before but after that I could ping the B from A. What's the reason? I'm really confused with what I saw! Is it a bug? Any hints or suggestions are really appreciated. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
