Date: Sun, 15 Dec 2002 22:20:23 -0800 From: Gary D Kline <kline@thought.org> To: FreeBSD Mailing List <freebsd-questions@FreeBSD.ORG> Subject: To ipfw wizards: does this look valid? Message-ID: <20021216062023.GA20796@tao.thought.org>
next in thread | raw e-mail | index | archive | help
Appended is my first cut at translation from ipf to ipfw. Would the lines prepended with [IPFW] do what the [IPF] lines do? thanks for any insights, gary -- Gary Kline kline@thought.org www.thought.org Public service Unix [IPF] pass out quick on dc0 proto tcp from any to any keep state [IPF] pass out quick on dc0 proto udp from any to any keep state [IPF] pass out quick on dc0 proto icmp from any to any keep state [IPFW] add 100 allow tcp from any to any in via dc0 [IPFW] add 200 allow udp from any to any in via dc0 [IPFW] 300 allow icmp from any to any out icmptypes 8 [IPFW] 400 allow icmp from any to any in icmptypes 0 [IPFW] 500 deny icmp from any to any in icmptypes 8 # Let in SSH on port 22 [IPF] pass in quick on dc0 proto tcp from any to 216.231.43.140/32 port = 22 [IPF] pass in quick on dc0 proto udp from any to 216.231.43.140/32 port = 22 # Allow in SSH on port 22 [IPFW] add 1100 allow tcp from any to 216.231.43.140 22 in via dc0 [IPFW] add 1200 allow udp from any to 216.231.43.140 22 in via dc0 [ # Let in FTP data connections [IPF] pass in quick on dc0 proto tcp from any to any port 7499 >< 8501 [IPF] pass in quick on dc0 proto tcp from any to any port = 21 # Allow FTP data connections [IPFW] add 1300 allow tcp from any to 216.231.43.140 21 7499-8501 in via dc0 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021216062023.GA20796>