Date: Wed, 9 Jan 2002 04:09:32 -0800 (PST) From: Jerry Murdock <jerry_murdock@yahoo.com> To: "Heimes, Rene" <rh@com-con.net>, Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: Fw: firewalling with ipfw Message-ID: <20020109120932.71726.qmail@web14609.mail.yahoo.com> In-Reply-To: <022301c19904$189f5a60$0201a8c0@itraktech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
pf on OpenBSD will do this. IPF won't do it natively, but look at IPFMeta in ports. ipfmeta will allow you to define the groups, write rules using them, and then expand everything into proper ipf rules for you. It's perl, probably could be modified for ipfw. Jerry --- Heimes, Rene <rh@com-con.net> wrote: > > so there is no possibility of grouping ip?s that should match a special > ruleset, if they cannot be treated as a "subnet"? > can i perform this action with ipf? can someone point me to a good HOWTO > for that? > > TIA, > Rene > > > Hello there! > > > > How can I realize grouping different IP-Addresses in ipfw? For > Example, > > putting 192.168.40.1, 192.168.40.31 and 192.168.40.21 into one group > > called "abcd"? > > > > You can try to aggregate needed IP addresses with the common mask, if > it is impossinle, then there will not be any performance improvements in > putting different IP addresses to one IPFW rule. __________________________________________________ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020109120932.71726.qmail>