Dear ipfw maintainer,
I read the following from
https://www.freebsd.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=freebsd-release-ports#end
.
> The rule body has the following format:
>
> [*proto* *from* *src* *to* *dst*] [*options*]
>
> The first part (proto from src to dst) is for backward
> compatibility with
> earlier versions of FreeBSD. In modern FreeBSD any match pattern
> (including MAC headers, IP protocols, addresses and ports) can be
> speci-
> fied in the *options* section.
>
>
And, my firewall_script as follows:
>
#!/bin/sh
fwcmd="/sbin/ipfw -q"
${fwcmd} -f flush
${fwcmd} add allow proto tcp src-ip me setup keep-state :default
${fwcmd} add allow proto udp src-ip me keep-state :default
And, I found these rules is not protecting my FreeBSD box.
Question: How can I write ipfw rules for modern FreeBSD only?
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
