ipfw dynamic rules
Julian Elischer
julian at freebsd.org
Sun Mar 23 05:39:44 UTC 2014
reposting with a useful subject line and more comments
On 3/22/14, 10:33 PM, Julian Elischer wrote:
>
> in ipfw that's up to you..
> but I usually put the check-state quite early in my rule sets.
>
On 3/22/14, 1:34 AM, Ian Smith wrote:
> Firstly, that's the one page in the handbook (that I know of) that needs
> completely nuking. It contains many factual errors as well as weird
> notions, and will only tend to mislead you; consult ipfw(8) and prosper.
> I'd say refer to the examples in rc.firewall but it too is in disrepair.
I am working on a new rc.firewall that is much more efficient.
the trouble is that the script to make it do what I want is a bit more
complicated.
I'll put it out for discussion later. maybe tonight.
as for the handbook pages.. after we see how the new firewall rules work
we can see about rewriting the page.
More information about the freebsd-ipfw
mailing list