beginner's question about proper syntax
ml at infosec.pl
Wed Jun 2 12:23:26 UTC 2010
I don't have to worry about backward compatibility and I would like to
go with 'modern' syntax for rule body.
Are these two rules equal and exactly the same for ipfw? Is there any
overhead or drawbacks of using one and not the other?
allow tcp from me $ports_range_bc to any 80 out via $if_ext setup
keep-state uid $user_regular
allow out via $if_ext proto tcp src-ip me src-port $ports_range_bc
dst-ip any dst-port 80 uid $user_regular setup keep-state
After loading and listing my rules I can see that example 2 was
allow ip from any to any out via wlan0 proto tcp src-ip me src-port
1024-65535 dst-port 80 uid michal setup keep-state
"Et ipsa scientia potestas est." -- Francis Bacon
More information about the freebsd-ipfw