Sereciya :: Prioritizing empty TCP ACKs... OpenBSD pf ->
FreeBSD ipfw Translation
clemens fischer
ino-qc at spotteswoode.de.eu.org
Mon Apr 7 00:41:41 PDT 2003
Sereciya Kurdistani <sereciya at kurdistan.ath.cx>:
> Suggestions, recommendations & corrections gladly accepted; send
> em over!
i'd suggest you start with something different: spend some time
setting up scripts allowing you test firewall rules with frequent
changes. the more you invest in this, the better you can
experiment. note that ipfw allows you to log every rule firing, it
has options to list the rules together with the last time they fired.
just found an example in /usr/share/examples/ipfw/change_rules.sh.
you will find a lot more example especially on traffic shaping using
dummynet(4) in the documentation for ipa, and you'll find examples
for it in examples/ipa/. if you have this nifty tool installed, that
is.
clemens
More information about the freebsd-ipfw
mailing list