On Tue, 4 Aug 2009, Freddie Cash wrote:
> 2009/8/4 Miroslav Chlastak <m...@chlastak.cz>
>
> > Hi all,
> >
> > is it possible to create one rule to pass (or disable) all traffic (all
> > protocols - from /etc/protocols)?
> > I know that I can use the "all" keyword. But this keyword "all" means only
> > "tcp, udp, icmp" protocols.
> > But there are more than the tcp, udp and icmp protocols (gre, esp, ospf, ...). If I
> > can allow all of these protocols, so at the moment I have to create 134
> > rules
> > (1 rule for 1 protocol from /etc/protocols).
> >
>
> If this is for IPFW, just use "ip" or "any". That will match any IP
> packets, regardless of what protocol data is inside the packet.

To be fussy, 'any' applies to addresses; 'ip' or 'all' is what's needed here:

     protocol: [not] protocol-name | protocol-number
             An IPv4 protocol specified by number or name (for a complete
             list see /etc/protocols). The ip or all keywords mean any
             protocol will match.

cheers, Ian
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"