Hi Matthias,
There are 2 different places compare to IPFW from FreeBSD
1. You dont need "{" and "}", you can use below
ipfw3 add allow log 1 all *from 192.168.1.1 or 192.168.1.2* to 192.168.0.1
2. log 1 means it will duplicate the traffic to ipfw0 interface. currently
it supports ipfw0 ~ ipfw9 only. just dont want to waste too much memory and
most of time, 10 logging destinations are enough to use i think.
Regards,
Bill Yuan
On 17 January 2016 at 23:09, Matthias Play <[email protected]> wrote:
> Hi,
>
> I use a shell script to setup my ipfw3 firewall and want to define network
> lists to shorten my rule set. For that I used the approach described inside
> the example section on ipfw3 in 'man ipfw3' like the following:
>
> #!/bin/sh
> nets_allowed="{ 192.168.1.1 or 192.168.1.2 }"
> ipfw3 add allow log 1 ip in from ${nets_allowed} to 192.168.0.1
>
> When I run this script I get the following error:
>
> ipfw3: hostname ``{'' unknown
>
> Can you also reproduce this error?
>
> Regards
> Matthias
>
