From owner-cvs-all  Tue Feb 13  9:58:14 2001
Delivered-To: cvs-all@freebsd.org
Received: from harmony.village.org (rover.village.org [204.144.255.66])
	by hub.freebsd.org (Postfix) with ESMTP
	id D7A0337B491; Tue, 13 Feb 2001 09:58:08 -0800 (PST)
Received: from harmony.village.org (localhost.village.org [127.0.0.1])
	by harmony.village.org (8.11.1/8.11.1) with ESMTP id f1DHtQW39918;
	Tue, 13 Feb 2001 10:55:26 -0700 (MST)
	(envelope-from imp@harmony.village.org)
Message-Id: <200102131755.f1DHtQW39918@harmony.village.org>
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
Subject: Re: cvs commit: src/sys/netinet ip_fw.c ip_fw.h src/sbin/ipfw ipfw.8 ipfw.c 
Cc: Luigi Rizzo <rizzo@aciri.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
In-reply-to: Your message of "Tue, 13 Feb 2001 18:38:58 +0100."
		<52435.982085938@critter> 
References: <52435.982085938@critter>  
Date: Tue, 13 Feb 2001 10:55:26 -0700
From: Warner Losh <imp@harmony.village.org>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <52435.982085938@critter> Poul-Henning Kamp writes:
: A forwarded packet would encounter three lists of rules:
: 
: 	Input list on arrival interface
: 	forwarding list
: 	Output list on departure interface

That would make my life easier here.  Right now I have a shell script
with nested for loops to prevent bogus packets coming in (and no
filtering at all going out).  When there's 8 interfaces, it gets ugly
fast.

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message