Date: Sun, 27 Sep 1998 14:56:14 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Eivind Eklund <eivind@yes.no> Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>, andrew@squiz.co.nz, Heikki Suonsivu <hsu@clinet.fi>, freebsd-security@FreeBSD.ORG Subject: Re: ipfw Message-ID: <199809271856.OAA04433@khavrinen.lcs.mit.edu> In-Reply-To: <19980927201139.00803@follo.net> References: <Pine.BSF.3.96.980928011721.390K-100000@aniwa.sky> <11806.906905580@critter.freebsd.dk> <19980927201139.00803@follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Sun, 27 Sep 1998 20:11:39 +0200, Eivind Eklund <eivind@yes.no> said: >> * per interface input list >> * per interface output list >> * packet forwarding list >> * ip_input() list >> * ip_output() list > I don't think it would have to be complex to configure it - we could > do this splitting automatically, based on what the users has > configured and an 'ipfw finalize' or similar. > Of course, I would rather have everything be explicit, but that has > been shouted down when I suggested it, too. int fast1/0 ip access-group nosmurf out ! int eth3/0 ip access-group mumblefrotz in ! line vty 0 3 access-class 27 ! ...sound familiar? -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809271856.OAA04433>