> Looks good! Comments inline...
>
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
>
>
<snip>
> > you can also use the net command
> > # net
> > Usage: net start|stop|reload
> > net ifup|ifdown|ifreset eth0|eth1|eth2|all
> > net ipfilter load|flush|reload
> > net ipfilter list [input|output|forward|autofw|mfw|portfw]
> > net ipfilter list masq|masquerade
>
> IIRC, some of these commands are unique to the 'mountain'
> series, especially
> the "net ipfilter ..." commands. Any 2.9.x or Oxygen users
> care to comment?
No "net" command in 2.9.8
<snip>
> > FIREWALL RUNNING RFC PRIVATE CLASS ADDRESS ON WAN CONNECTION
> > # edit /etc/ipfilter.conf and comment out the applied line of the
> > function:
> >
> > # #A function to filter out martian source addesses
> > stop martians () {
> > #RFC 1918/1617/1597 blocks
> > $IPCH -A $LIST -j DENY -p all -s 10.0.0.0/8 -d 0/0 -l $*
> > $IPCH -A $LIST -j DENY -p all -s 192.168.0.0/24 -d 0/0 -l $*
> >
> > #then have it take effect with "svi network reload".
>
> Maybe something that makes it a bit clearer the above (silent deny and
> private IP mods) only applies to the 'mountain'
> firewalls...not to Oxygen or
> LRP 2.9.x
LRP 2.9.x don't use ipfilter.conf
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-devel
