IPFilter & FreeBSD-10.1
Valeri Galtsev
galtsev at kicp.uchicago.edu
Thu Jan 22 15:38:54 UTC 2015
On Wed, January 21, 2015 11:20 pm, Shane Ambler wrote:
> On 22/01/2015 10:02, Valeri Galtsev wrote:
>>
>> On Wed, January 21, 2015 3:29 am, Odhiambo Washington wrote:
>>> Hi Shane,
>>>
>>> Where is the new syntax documented? Or I just have to 'man ipf'? I'd
>>> love
>>> to see a web discussion about it, which I obviously missed.
>>>
>>> Is there a sort of rule converter? :-)
>>>
>>> Thank you for mentioning this syntax thing. Must be the one that was
>>> biting
>>> me on 10.1
>
> I use ipfw myself, I read the email out of curiosity.
>
> Personally I would clear the rules and add one at a time till I get an
> error. Sounds like some people have no problem so there may only be one
> small change that breaks your rules.
Yes, thanks. Indeed that's right way to do troubleshooting, which we
always used... I feel embarrassed I didn't do this sort of troubleshooting
myself before posting the question. (Yet, I've found "workaround", and
described it in the thread I've started which partly excuses me ;-) It
more looks like crippled something in my ipf.rules that is being happily
swallowed by old code, yet new code chokes on it. (similar thing may be
true in case of another person's problem). I'll post to this threat if I
find something like that in my case.
>
>>
>> I wonder if anyone knows URl of official website of ipfilter. Both
>> project
>> info on sourceforge (http://sourceforge.net/projects/ipfilter/) and
>> wikipedia page (https://en.wikipedia.org/wiki/IPFilter) point at the
>> place
>> which apparently doesn't exist so you end up getting just front page of
>> the university: http://asiapacific.anu.edu.au/ ...
>
> The handbook page on ipfilter links to http://www.phildev.net/ipf/
> which is only a faq page, so it looks like the man pages are the best
> docs.
Indeed, if nothing changed in the rule syntax, then FreeBSD DocBook is the
best place to go, and I personally don't feel I need anything more.
Valeri
>
> Sourceforge could still be the place of all development, the cvs repo
> has a few files that were changed 7 months ago.
>
>> One does want to read the documentation to be able to keep using
>> ipfilter
>> on FreBSD 10.x (as one did on FreeBSD 9.x in the past). And with syntax
>> changed, one does have to read Documentation (and here brilliant FreeBSD
>> documentation seems to be outdated...)
>>
>> Thanks a lot for your answers!
>>
>> Valeri
>
> --
> FreeBSD - the place to B...Software Developing
>
> Shane Ambler
>
>
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
More information about the freebsd-questions
mailing list