ipfw fwd and ipfw allow

Victor Sudakov sudakov at sibptus.tomsk.ru
Tue Sep 7 14:52:33 UTC 2010


Nikos Vassiliadis wrote:
> >>>Am I asking something unreasonable?
> >>
> >>Not really, but if you ask, one could say that IPFW is a "first
> >>match wins" firewall, so a fwd or an allow action would be the
> >>terminal one. You must design your rules accordingly.
> >>
> >>There is also the skipto action which can alter the way packets
> >>flow through the rules.
> >>
> >>Could you describe in a concrete example what you're trying to
> >>achieve?
> >
> >I want forwarded packets to create a dynamic "allow" rule.
> >
> 
> You can combine fwd and keep-state. 

I hope so. I just don't understand how.

> Could you be more specific?

A packet generated locally 1) should be forwarded by a 'fwd'
rule and 2) should create a dynamic 'allow' rule for returning
traffic. Could you please suggest a ruleset for this?

-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
sip:sudakov at sibptus.tomsk.ru

