NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kern/47749
The following reply was made to PR kern/47749; it has been noted by GNATS.
From: Sergio Lopez <slp%sinrega.org@localhost>
To: Darren Reed <darrenr%netbsd.org@localhost>
Cc: gnats-bugs%NetBSD.org@localhost, martin%duskware.de@localhost
Subject: Re: kern/47749
Date: Fri, 30 Aug 2013 08:39:51 +0000
> Can you give me an example that uses ipftest to show this behaviour?
Sure:
stable61164# cat /root/pr44749/rules.out
pass out log quick proto icmp from any to any keep state
stable61164# cat /root/pr44749/rules.out.nostate
pass out log quick proto icmp from any to any
stable61164# cat /root/pr44749/test.out
in on re0 icmp 192.168.0.4 192.168.0.21
out on re0 icmp 192.168.0.21 192.168.0.4
in on re0 icmp 192.168.0.4 192.168.0.21
out on re0 icmp 192.168.0.21 192.168.0.4
in on re0 icmp 192.168.0.4 192.168.0.21
out on re0 icmp 192.168.0.21 192.168.0.4
stable61164# ./ipftest -r /root/pr44749/rules.out -i /root/pr44749/test.out
nomatch ip #0 48(20) 1 192.168.0.4 > 192.168.0.21
--------------nomatch ip #0 48(20) 1 192.168.0.21 > 192.168.0.4
--------------nomatch ip #0 48(20) 1 192.168.0.4 > 192.168.0.21
--------------block ip #0 48(20) 1 192.168.0.21 > 192.168.0.4
--------------nomatch ip #0 48(20) 1 192.168.0.4 > 192.168.0.21
--------------block ip #0 48(20) 1 192.168.0.21 > 192.168.0.4
stable61164# ./ipftest -r /root/pr44749/rules.out.nostate -i
/root/pr44749/test.out
nomatch ip #0 48(20) 1 192.168.0.4 > 192.168.0.21
--------------pass ip #0 48(20) 1 192.168.0.21 > 192.168.0.4
--------------nomatch ip #0 48(20) 1 192.168.0.4 > 192.168.0.21
--------------pass ip #0 48(20) 1 192.168.0.21 > 192.168.0.4
--------------nomatch ip #0 48(20) 1 192.168.0.4 > 192.168.0.21
--------------pass ip #0 48(20) 1 192.168.0.21 > 192.168.0.4
Sergio.
Home |
Main Index |
Thread Index |
Old Index