[PATCH] ipv4 only rules (test and feedback)
Luigi Rizzo
rizzo at icir.org
Fri May 27 12:03:47 PDT 2005
remember that ipfw2 lets you pass only those options you need
so something like
ipfw add deny proto udp ipv4
should work
On Fri, May 27, 2005 at 07:32:42PM +0200, Max Laier wrote:
> On Thursday 26 May 2005 13:21, Richard Tector wrote:
> > Max Laier wrote:
> > >With the patch attached you can now do:
> > >
> > > ipfw add 100 deny ipv4 from any to any
> > >or
> > > ipfw add 100 deny ipv6 from any to any
> > >
> > >to block IPv4 or IPv6.
> >
> > How would you, for example, deny all udp traffic over ipv4 but not ipv6?
> > Is this possible with ipfw2 as it stands?
>
> ipfw add 100 deny ipv4 from any to any proto udp
>
> should do the trick, but unfortunately this comes back as:
>
> 100 deny udp from any to any
>
> so I have to fix ipfw show for these cases. Thanks for bringing this up.
>
> --
> /"\ Best regards, | mlaier at freebsd.org
> \ / Max Laier | ICQ #67774661
> X http://pf4freebsd.love2party.net/ | mlaier at EFnet
> / \ ASCII Ribbon Campaign | Against HTML Mail and News
More information about the freebsd-ipfw
mailing list