Re: [xyzzy@sysabend.org: ipnat/ipf state problem]

This is a discussion on Re: [xyzzy@sysabend.org: ipnat/ipf state problem] within the IPFilter forums, part of the System Security and Security Related category; On Thu, Jul 01, 2004 at 04:32:53PM -0700, Tom Arnold wrote: > This may all be a cosmetic ...


Go Back   Usenet Forums > System Security and Security Related > IPFilter

Reload this Page Re: [xyzzy@sysabend.org: ipnat/ipf state problem]

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 07-02-2004
Guido van Rooij
 
Posts: n/a
Default Re: [xyzzy@sysabend.org: ipnat/ipf state problem]
On Thu, Jul 01, 2004 at 04:32:53PM -0700, Tom Arnold wrote:
> This may all be a cosmetic issue of some kind. As a test today I gave up
> and yanked out the final logging pass statements and installed the rules,
> and even though things werent being logged correctly, it does in fact seem
> to be working just fine. The only reason we had the final logging pass in
> there was to see if something was missing all the quick rules above it.
>
> Based on whats being logged, where does the state table come into play. Is
> it before or after the normal ruleset?

Before. But if you specify "log" all packets from that state will be logged.
You probably want to specify "log first" where only the packet leading
to the state entry will be logged.

-Guido
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 03:53 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0