On 3/15/06, Albert Shih <[EMAIL PROTECTED]> wrote: > Hi all > > How can I add a rule with ipfw with automatics numbering but with a minimal > number ? > > I've (for example) some rule in the kernel > > 00100 0 0 allow ip from any to any via lo0 > 00200 0 0 deny ip from any to 127.0.0.0/8 > 00300 0 0 deny ip from 127.0.0.0/8 to any > .......................................................... > 01000 0 0 allow ip from .... > 65535 0 0 deny ip from any to any > > I want add some rule (with sshblack for example > http://www.pettingers.org/code/sshblack.html) automaticaly with number 1100 > , 1200, etc... > > How can I do that ? > > Regards. > > -- > Albert SHIH > Universite de Paris 7 (Denis DIDEROT) > U.F.R. de Mathematiques. > Heure local/Local time: > Wed Mar 15 16:43:34 CET 2006 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" >
Please read ipfw(8) manpage. [quote] Automatic rule numbers are assigned by incrementing the last non- default rule number by the value of the sysctl variable net.inet.ip.fw.autoinc_step which defaults to 100. If this is not possible (e.g. because we would go beyond the maximum allowed rule number), the number of the last non-default value is used instead. [/quote] There's nothing more to it. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"