per...@pluto.rain.com wrote:
... the 'fwd ... keep-state' statement does create a useful
dynamic rule. It contradicts the ipfw(8) man page but works ...
Hopefully someone who understands all this will submit a patch
for the man page :)
The man page says that the Dynamic rules will be
Victor Sudakov suda...@sibptus.tomsk.ru wrote:
... the 'fwd ... keep-state' statement does create a useful
dynamic rule. It contradicts the ipfw(8) man page but works ...
Hopefully someone who understands all this will submit a patch
for the man page :)
Nikos Vassiliadis wrote:
A packet generated locally 1) should be forwarded by a 'fwd'
rule and 2) should create a dynamic 'allow' rule for returning
traffic. Could you please suggest a ruleset for this.
The fw has the 10.0.0.1 IP address.
The 10.0.0.100 IP address belongs to another
On 9/7/2010 5:52 PM, Victor Sudakov wrote:
A packet generated locally 1) should be forwarded by a 'fwd'
rule and 2) should create a dynamic 'allow' rule for returning
traffic. Could you please suggest a ruleset for this.
The fw has the 10.0.0.1 IP address.
The 10.0.0.100 IP address belongs to
Am I asking something unreasonable?
Victor Sudakov wrote:
What tricks do you use if you need to allow a packet and then fwd
it (or vice versa)? The search terminates and the packet quits ipfw on
fwd as well as on allow.
How do I allow a packet and then policy route it? An example ruleset
On 9/7/2010 12:00 PM, Victor Sudakov wrote:
Am I asking something unreasonable?
Not really, but if you ask, one could say that IPFW is a first
match wins firewall, so a fwd or an allow action would be the
terminal one. You must design your rules accordingly.
There is also the skipto action
Nikos Vassiliadis wrote:
Am I asking something unreasonable?
Not really, but if you ask, one could say that IPFW is a first
match wins firewall, so a fwd or an allow action would be the
terminal one. You must design your rules accordingly.
There is also the skipto action which can alter
On 9/7/2010 2:00 PM, Victor Sudakov wrote:
Nikos Vassiliadis wrote:
Am I asking something unreasonable?
Not really, but if you ask, one could say that IPFW is a first
match wins firewall, so a fwd or an allow action would be the
terminal one. You must design your rules accordingly.
There is
Nikos Vassiliadis wrote:
Am I asking something unreasonable?
Not really, but if you ask, one could say that IPFW is a first
match wins firewall, so a fwd or an allow action would be the
terminal one. You must design your rules accordingly.
There is also the skipto action which can alter
Colleagues,
What tricks do you use if you need to allow a packet and then fwd
it (or vice versa)? The search terminates and the packet quits ipfw on
fwd as well as on allow.
How do I allow a packet and then policy route it? An example ruleset
will be appreciated.
--
Victor Sudakov,
10 matches
Mail list logo