Date: Fri, 27 May 2005 12:03:42 -0700 From: Luigi Rizzo <rizzo@icir.org> To: Max Laier <max@love2party.net> Cc: freebsd-ipfw@freebsd.org, Richard Tector <richardtector@thekeelecentre.com> Subject: Re: [PATCH] ipv4 only rules (test and feedback) Message-ID: <20050527120342.A4538@xorpc.icir.org> In-Reply-To: <200505271932.51562.max@love2party.net>; from max@love2party.net on Fri, May 27, 2005 at 07:32:42PM %2B0200 References: <200505251634.34478.max@love2party.net> <4295B14B.2010302@thekeelecentre.com> <200505271932.51562.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
remember that ipfw2 lets you pass only those options you need so something like ipfw add deny proto udp ipv4 should work On Fri, May 27, 2005 at 07:32:42PM +0200, Max Laier wrote: > On Thursday 26 May 2005 13:21, Richard Tector wrote: > > Max Laier wrote: > > >With the patch attached you can now do: > > > > > > ipfw add 100 deny ipv4 from any to any > > >or > > > ipfw add 100 deny ipv6 from any to any > > > > > >to block IPv4 or IPv6. > > > > How would you, for example, deny all udp traffic over ipv4 but not ipv6? > > Is this possible with ipfw2 as it stands? > > ipfw add 100 deny ipv4 from any to any proto udp > > should do the trick, but unfortunately this comes back as: > > 100 deny udp from any to any > > so I have to fix ipfw show for these cases. Thanks for bringing this up. > > -- > /"\ Best regards, | mlaier@freebsd.org > \ / Max Laier | ICQ #67774661 > X http://pf4freebsd.love2party.net/ | mlaier@EFnet > / \ ASCII Ribbon Campaign | Against HTML Mail and News
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050527120342.A4538>