ssh/scp filtering, iplen problem
Pawel Malachowski
pawmal-posting at freebsd.lublin.pl
Sat Sep 20 09:18:09 PDT 2003
On Sat, Sep 20, 2003 at 05:10:24PM +0200, Oliver Fromme wrote:
> According to ipfw(8), there is an "iplen" option for
> filtering -- but it filters on an exact size. What I
> need is a way to specify a rule that matches on, say,
> packets on port 22 that are larger than 1000 bytes.
> Is that possible with IPFW2?
Yes, thanks to Luigi it is possible to use iplen ranges.
--
Paweł Małachowski
More information about the freebsd-ipfw
mailing list