Named states in ipfw (and old rulesets)
Lev Serebryakov
lev at FreeBSD.org
Sun Aug 14 17:27:00 UTC 2016
Hello Lev,
Sunday, August 14, 2016, 8:20:16 PM, you wrote:
> Line 155: Ambiguous state name '//', 'default' used instead.
> : No error: 0
> 00000 check-state default
Ok, really this one is (no rule number, I'm rely on auto-numbering):
add nat 2 // De-NAT
add check-state // Make things faster
add skipto 30000 // Allowed local services - common block
But looks like, that comment is lost here, here is output of "ipfw show"
after boot:
13050 0 0 nat 2 ip from any to any // De-NAT
13060 0 0 check-state default
13070 0 0 skipto 30000 ip from any to any // Allowed local services - common block
So, yes, comment is lost!
--
Best regards,
Lev mailto:lev at serebryakov.spb.ru
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 960 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-ipfw/attachments/20160814/b13cbcce/attachment.sig>
More information about the freebsd-ipfw
mailing list