getting state to work properly
Vadim Goncharov
vadimnuclight at tpu.ru
Thu Aug 30 01:43:23 PDT 2007
30.08.07 @ 13:19 Russell Fulton wrote:
> If anyone wants to have a look at the rule set I'm happy to mail it to
> them but I don't want it appearing in a public mail archive ;)
You can simply replace all your IP addresses to strings like X.X.X.X,
Y.Y.Y.Y, Z.Z.Z.0/24 etc., and then post it here. That's nothing
interesting in ruleset without real addresses, IMHO. Without ruleset it's
possible to give only the most general advices, like remembering packet
flow (always in and out, two passes), check-state, rule ordering, and so
on.
--
WBR, Vadim Goncharov
More information about the freebsd-ipfw
mailing list