Hi, I want to account for "bytes in" using labels. One of my rules
contains a port range but another one includes a port in that range. The
goal is to keep my accounting separate (one for the range and others for
specific ports that happen to lie within that range). So, in a rule, is
it possible to specify a range but then exclude specific ports?
pass out on $EXT \
inet proto tcp \
from $EXT to any \
port > 1024 \
keep state \
label "outbound - $proto:$dstport ->"
pass out on $EXT \
inet proto tcp \
from $EXT to any \
port 2703 \
keep state \
label "outbound - $proto:$dstport ->"
--
Peter
__________________________________________________________
Find your next car at http://autos.yahoo.ca
