Hi,
Just a question: Is the output from "ipfw list" supposed
to be in the same rule format that is accepted as input?
If that's the case, then there is a small bug:
# ipfw add 100 allow ip from any to '{' 1.1.1.1 or 2.2.2.2 '}'
00100 allow ip from any to '{' 1.1.1.1 or dst-ip 2.2.2.2 '}'
# ipfw list 100
00100 allow ip from any to '{' 1.1.1.1 or dst-ip 2.2.2.2 '}'
# ipfw add 200 allow ip from any to '{' 1.1.1.1 or dst-ip 2.2.2.2 '}'
ipfw: hostname ``dst-ip'' unknown
So it inserts the word "dst-ip" in the output when an "or"
block is used, but that word isn't accepted as input.
I think the output from "ipfw list" should be valid rule
format that could be fed back as input to ipfw(8).
In fact that's exactly what I need to do in a script that
I've written recently, and the "dst-ip" problem bit me.
I had to work around it with sed(1).
Best regards
Oliver
--
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd
"Python is an experiment in how much freedom programmers need.
Too much freedom and nobody can read another's code; too little
and expressiveness is endangered."
-- Guido van Rossum
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[email protected]"
