Hi, > On Sun, Dec 05, 2004 at 06:46:02PM +0100, uhel wrote: >> Hi, >> >> i've read that IPF 4.1.x supports simple macros but i've found no >> example. I updated my NetBSD box to 2.0 which has IPF 4.1.3 but it >> has an old manpage without macros.. >> Can anyone give me one or two examples howto use the marco thing? >>
> Here are a few examples: > ext_if="ex0"; > lo_if="lo0"; > tcp_flags="S/SA"; > tcp_services="(22, 80, 443)"; > private_nets="(192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8)"; > pass in quick on $lo_if all > pass out quick on $lo_if all > block in on $ext_if all > block out on $ext_if all > block in quick on $ext_if from $private_nets to any > pass in quick on $ext_if proto tcp from any to any port = $tcp_services \ > flags $tcp_flags keep state > pass in quick on $ext_if proto udp from any to any port = 53 keep state > pass out quick on $ext_if all keep state thanks a lot! -- _ mailto:[EMAIL PROTECTED] ( ) -- x ASCII RIBBON CAMPAIGN / \ AGAINST HTML MAIL
