IPFilter & FreeBSD-10.1

[Odhiambo Washington]

Hi Shane,

Where is the new syntax documented? Or I just have to 'man ipf'? I'd love
to see a web discussion about it, which I obviously missed.

Is there a sort of rule converter? :-)

Thank you for mentioning this syntax thing. Must be the one that was biting
me on 10.1



On 21 January 2015 at 12:24, Shane Ambler <FreeBSD at shaneware.biz> wrote:

> On 21/01/2015 16:15, Odhiambo Washington wrote:
>
>> Hi Ben,
>>
>> Thanks for this. I actually read this bit of it having been updated to
>> version 5.1.2 in FreeBSD 10.0.
>>
>> However, my problem emanated from the fact that rules that I use on
>> FreeBSD-8.4/9.3 simply could not work on 10.1
>>
>> I simply carried the rules over, and did not compile a custom kernel on
>> 10.1. I was believing that the module will be automatically loaded and
>> rules would work. They didn't! Only 'ipf -D' would let connections to be
>> made from LAN PCs to my gateway PC..
>>
>
>  I read a post in which someone had to copy the sources from 9.x to 10.x
>> and
>> recompile in order to get it to work with the rules from 9.x
>>
>
> The update from 4.1.28->5.1.2 may include changes that requires
> adjusting old rules to the new syntax.
>
> While going back to an older version can get your old settings to work
> again it also removes any security fixes from the update. Updating your
> ruleset would be a better solution.
>
>
> --
> FreeBSD - the place to B...Software Developing
>
> Shane Ambler
>
>


-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
"I can't hear you -- I'm using the scrambler."