"Brian F. Feldman" <gr...@unixhelp.org> writes: > On 19 Jun 1999, Dag-Erling Smorgrav wrote: > > Rewriting ipfw rules to ipfilter rules on the fly should be trivial; a > > simple Perl script should be sufficient. > Not quite as trivial as you think. ipfw and ipf are completely backwards when > it comes > to rule order: in ipfw, the first rule matched takes effect; in ipf, the last > rule matched > takes effect.
Just throw in 'quick' and ipfilter behaves just like ipfw. > Note that > Luigi's > extra ipfw functionality and my extra ipfw functionality _will_ be wanted in > ipf > before everyone is necessarily willing to switch. Divert sockets, dummynet and credential-based filtering would be sorely missed if they weren't ported to ipfilter. DES -- Dag-Erling Smorgrav - d...@flood.ping.uio.no To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
