ipfw allows to write this
ipfw add pass src-ip 200.2.2.0/28\{\} proto ip
and accept it as
allow ip from any to any src-ip 200.2.2.0/28}
this is probably not the correct behaviour isn't it?
João
A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura.
Service forn
On Friday 24 February 2006 06:41, Hajimu UMEMOTO wrote:
>
> joao> ipfw add 1000 divert 8669 dst-ip 0.0.0.0 src-ip 0.0.0.0
>
> joao> work than?
>
> It should work.
>
> joao> How should I rewrite my rules or better regressing to the old "ip from
> any to
> joao> any" ?
> It should work as expected
On Tuesday 21 February 2006 02:50, Hajimu UMEMOTO wrote:
> joao> same reason why "... pipe proto ip in|out" does not pipe any more,
> right?
>
> Yes.
>
in addition to our "proto" talk. omitting "proto" in the rule the rule as in
ipfw add deny dst-ip ${IP} recv ${NIC}
works, but this
ipfw add d
On Monday 20 February 2006 12:08, Hajimu UMEMOTO wrote:
> It was MFC'ed into RELENG_6:
>
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/ipfw/ipfw2.c.diff?r1=1.76.2.
>1&r2=1.76.2.2
>
> The change is in meaning of `proto'. So, it is not only for `divert'.
good, I see
same reason why "... pipe p
On Monday 20 February 2006 00:00, Hajimu UMEMOTO wrote:
>
> joao> ipfw add 1000 divert 8669 proto ip
> joao> 01000 divert 8669 ip from any to any proto ip
>
> The ipfw supports an IPv6 on 6.x and later. It broke a syntax for a
> tunnel. So, this was changed to mean an IPv4 over IPv4 tunnel on
