Dear ipfw maintainer, I read the following from https://www.freebsd.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=freebsd-release-ports#end .
> The rule body has the following format: > > [*proto* *from* *src* *to* *dst*] [*options*] > > The first part (proto from src to dst) is for backward > compatibility with > earlier versions of FreeBSD. In modern FreeBSD any match pattern > (including MAC headers, IP protocols, addresses and ports) can be > speci- > fied in the *options* section. > > And, my firewall_script as follows: > #!/bin/sh fwcmd="/sbin/ipfw -q" ${fwcmd} -f flush ${fwcmd} add allow proto tcp src-ip me setup keep-state :default ${fwcmd} add allow proto udp src-ip me keep-state :default And, I found these rules is not protecting my FreeBSD box. Question: How can I write ipfw rules for modern FreeBSD only? _______________________________________________ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"