IPFW2, sets and dynamic rules.
Sten Daniel Sørsdal
sten.daniel.sorsdal at wan.no
Mon Sep 1 07:03:35 PDT 2003
Yes but that is only to empty an ancient (possibly empty) ruleset.
Notice the swap in the last bit.
But do dynamic rules keep tabs on which 'set' they belong to?
If so, do their 'set' information get swapped also?
>
> dynamic rules do not survive a delete, so your "delete set 1" is what
> kills your connections.
>
> cheers
> luigi
>
> On Mon, Sep 01, 2003 at 03:29:36PM +0200, Sten Daniel Sørsdal wrote:
> >
> > Being a complete ipfw idiot, i hoped someone could clarify
> this to me.
> >
[.snip.]
> >
> > do the dynamic rules always point to the same set or do the
> point to the new set when i run swap?
> >
> > do i need to enable set 1 afterwards to make it work? how
> is then the line of rule execution, when
> > two sets are enabled?
> >
> > are there any ways to change the set 0 rules while still
> retaining the functionality of the old
> > dynamic rules?
> >
- Sten
More information about the freebsd-ipfw
mailing list