kern/121807: Suggestion: TCP and UDP port_table in ipfw
Joao Rocha Braga Filho
goffredo at gmail.com
Mon Mar 17 20:20:01 UTC 2008
>Number: 121807
>Category: kern
>Synopsis: Suggestion: TCP and UDP port_table in ipfw
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Mar 17 20:20:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Joao Rocha Braga Filho
>Release: 6.2, 6.3 and 7.0
>Organization:
Paraty.com
>Environment:
>Description:
Why does a TCP/UDP port_table not exist for IPFW? It can solve the 30-item limit in an ipfw rule. It is good to use in QoS.
Example
ipfw add allow { tcp or udp } from any port_table(10) to any
ipfw port_table 10 add 20,21,25,110,443,993,995,1025-65535
# Deny bad ports
ipfw add deny { tcp or udp } from any to any port_table(11)
ipfw port_table 11 add 135,137-139,445
ipfw add queue 100 udp from any port_table(20) to any
ipfw port_table(20) add 123,53
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
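Until something like the port_table requested above exists, the per-rule limit the report mentions can be worked around by splitting a long port list across consecutive rules that share one action. The script below is an added example, not part of the report or of ipfw; the function names chunk_ports and emit_rules, the rule numbers and the sample list are constructed, the limit of 30 is taken from the report, and each port or range is assumed to count as one entry.

```sh
#!/bin/sh
# Added example: print ipfw commands that spread a long port list over
# several rules. Commands are only printed, never executed.
MAX_PER_RULE=30   # per-rule entry limit as stated in the report

# chunk_ports LIST [MAX]: LIST is comma-separated ports or lo-hi ranges.
# Prints one comma-separated group per line, at most MAX entries each.
# Rejects entries that are not NUMBER or NUMBER-NUMBER.
chunk_ports() {
    max=${2:-$MAX_PER_RULE}
    old_ifs=$IFS; IFS=,; set -f
    set -- $1                      # split on commas only, no globbing
    IFS=$old_ifs; set +f
    group= count=0
    for entry in "$@"; do
        case $entry in
            ''|*[!0-9-]*|-*|*-|*-*-*)
                echo "bad port entry: '$entry'" >&2; return 1 ;;
        esac
        if [ "$count" -eq "$max" ]; then
            echo "$group"; group= count=0
        fi
        group=${group:+$group,}$entry
        count=$((count + 1))
    done
    [ -n "$group" ] && echo "$group"
    return 0
}

# emit_rules FIRST_RULENUM ACTION LIST: one ipfw command per group, with
# consecutive rule numbers so the groups are evaluated back to back.
emit_rules() {
    num=$1 action=$2
    groups=$(chunk_ports "$3") || return 1
    for g in $groups; do
        echo "ipfw add $num $action { tcp or udp } from any to any dst-port $g"
        num=$((num + 1))
    done
}

# Constructed sample: the report's "bad ports" plus 40 more single ports.
ports=135,137-139,445
p=8000
while [ "$p" -lt 8040 ]; do ports=$ports,$p; p=$((p + 1)); done
emit_rules 1000 deny "$ports"
```

The split preserves the meaning only for actions that end rule processing on a match (allow, deny, queue as used in the report), since a packet matching any one of the generated rules gets the same treatment.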