[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: newbie question
From:       "Toomas Aas" <toomas.aas () raad ! tartu ! ee>
Date:       2004-07-29 17:24:37
Message-ID: 200407291725.i6THPBJt029164 () lv ! raad ! tartu ! ee
[Download RAW message or body]

> My first two rules are
> 
> block in on hme0 all
> pass out quick on hme0 from 214.43.22.55/32  to any keep state
> 
> doing an ipfstat I see:
> 
> bad packets:            in 0    out 0
>  IPv6 packets:          in 0 out 0
>  input packets:         blocked 2504 passed 3776441 nomatch 722701 counted 0 short 0
> output packets:         blocked 0 passed 1635430 nomatch 658899 counted 0 short 0
> 
> I would assume that the two rules above would match every packet so where
> are these "nomatch" packets coming from?

Is hme0 the only interface on this system? What about loopback?
--
Toomas Aas | toomas.aas@raad.tartu.ee | http://www.raad.tartu.ee/~toomas/
* If you don't leave me alone, i'll go and find someone else who will.

[prev in list] [next in list] [prev in thread] [next in thread]