Date: Wed, 02 Jun 2010 13:23:11 +0100 From: Michal <ml@infosec.pl> To: freebsd-ipfw@freebsd.org Subject: beginner's question about proper syntax Message-ID: <4C064D2F.8060800@infosec.pl>
next in thread | raw e-mail | index | archive | help
Hello, I don't have to worry about backward compatibility and I would like to go with 'modern' syntax for rule body. Are these two rules equal and exactly the same for ipfw? Is there any overhead or drawbacks of using one and not the other? example 1: allow tcp from me $ports_range_bc to any 80 out via $if_ext setup keep-state uid $user_regular example 2: allow out via $if_ext proto tcp src-ip me src-port $ports_range_bc dst-ip any dst-port 80 uid $user_regular setup keep-state After loading and listing my rules I can see that example 2 was processed as: allow ip from any to any out via wlan0 proto tcp src-ip me src-port 1024-65535 dst-port 80 uid michal setup keep-state Michal -- "Et ipsa scientia potestas est." -- Francis Bacon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C064D2F.8060800>