"fbsd_user" <[EMAIL PROTECTED]> writes: > Reading the man page on IPFW rule syntax, I get the impression that > the 'limit' option uses the stateful dynamic rules table. But it's > unclear whether 'keep state' and limit can be used on the same rule, > or if the limit option performs the 'keep state' function in > addition to the limit function. > > So as an example > > $cmd 00390 allow tcp from any to any 22 in via dc0 setup keep-state > limit src-addr 3 > > will this work? >
limit implies keep-state, and you should really specify one or the other. If you specify both, ipfw won't complain, but ipfw2 will. So it's best to not do that. -- Dan Pelleg _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
