Matching rules on ip4/ip6 with udp/tcp
Andrey V. Elsukov
bu7cher at yandex.ru
Wed Jun 6 18:10:59 UTC 2018
On 06.06.2018 20:36, Dries Michiels wrote:
> Dear Mailing List,
>
> Is there are way to match packets specifying both network generation ip4 or
> ip6 together with the protocol such as tcp or udp?
>
> Currently the following rules are possible (examples):
>
> ipfw add 1 allow udp from any to me 22 in recv em0
>
> The following rule is not possible (example):
>
> ipfw add 1 allow ip4 udp from any to me 22 in recv em0
You can use "proto" option:
ipfw add 1 allow ip4 from any to me 22 in recv em0 proto tcp
ipfw add 1 allow tcp from any to me 22 in recv em0 not proto ip6
ipfw add 1 allow ip6 from any to me 22 in recv em0 proto tcp
--
WBR, Andrey V. Elsukov
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-ipfw/attachments/20180606/1d9eb501/attachment.sig>
More information about the freebsd-ipfw
mailing list