IPfilter

"to" rule in /etc/ipf/ipf.conf seems not to work

To: ipfilter@coombs.anu.edu.au
Subject: "to" rule in /etc/ipf/ipf.conf seems not to work
From: "Ian Brown" <ianbrn@gmail.com>
Date: Mon, 4 Dec 2006 12:36:55 +0200
Delivered-to: sp-com-lists@consult.net
Delivered-to: ipfilter-list@securepoint.com
Sender: owner-ipfilter@coombs.anu.edu.au
Hello,

I have the following rule in /etc/ipf/ipf.conf:
block in quick on e1000g0 to e1000g1 proto udp from any to any port 6000 >< 6010
After it there is "pass in all", and there are no rules except these two rules.

I have an application which sends UDP packets on port 6000
from a different machine to the machine on which this ipf rule is running.
e1000g0 has the following ip address: 192.168.0.28
and e1000g1 has the following ip address: 192.168.0.29

The UDP packets are sent to 192.168.0.28.
As I understand, according to this rule I should have seen these packets on
e1000g1 (192.168.0.29). However, running on that machine,
snoop -d e1000g0 shows these packets
but snoop -d e1000g1 does NOT. Any idea what can be the problem?
Running ipf -V shows that ipf is running,
and also ifconfig -a |grep e1000g1
e1000g1: flags=201100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4,CoS> mtu 1500 index 3
which means that e1000g1 is UP and RUNNING.
Any ideas what can be the problem?


Ian
