Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 10 Sep 2002 15:54:22 -0300
From:      "Daniel C. Sobral" <dcs@tcoip.com.br>
To:        Luigi Rizzo <rizzo@icir.org>
Cc:        ipfw@FreeBSD.ORG
Subject:   Re: ipfw2 vs. ipfw1 and 4.7
Message-ID:  <3D7E3FDE.6070805@tcoip.com.br>
References:  <20020902082743.D87097@iguana.icir.org>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Luigi Rizzo wrote:
> People,
> now that the release of 4.7 is approaching, i would really appreciate
> if you could give ipfw2 a try and see whether it breaks anything
> in your rulesets. Also have a look at the manpage highlighting the
> differences between ipfw1 and ipfw2 to see if your rulesets can be
> simplified/made more efficient.

I love ipfw2, even though the breakage of fwd caused me a huge headache. 
Just the set feature would be enough to endear me to it. Now I have a 
reasonably resilient system for firewall rule changes, at last. And just 
being able to type sh /etc/rc.firewall... :-)

As a side note, the man page mentions that 32 sets are available, but 
set 31 is illegal when I try to use it (and sometimes produce very weird 
results indeed).

-- 
Daniel C. Sobral                   (8-DCS)
Gerencia de Operacoes
Divisao de Comunicacao de Dados
Coordenacao de Seguranca
TCO
Fones: 55-61-313-7654/Cel: 55-61-9618-0904
E-mail: Daniel.Capo@tco.net.br
         Daniel.Sobral@tcoip.com.br
         dcs@tcoip.com.br

Outros:
	dcs@newsguy.com
	dcs@freebsd.org
	capo@notorious.bsdconspiracy.net

Never, ever lie to someone you love unless you're
absolutely sure they'll never find out the truth.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?3D7E3FDE.6070805>