Date: Mon, 16 Jan 2012 11:40:08 -0800 From: Michael Sierchio <kudzu@tenebras.com> To: Freddie Cash <fjwcash@gmail.com> Cc: vip 71541 <vip71541@gmail.com>, ipfw@freebsd.org Subject: Re: Problem with passive ftp in IPFW! Message-ID: <CAHu1Y73y0CQW97RJ0cTw_Gs=dhuTDnXadd6-uiT8qnGayvii8g@mail.gmail.com> In-Reply-To: <CAOjFWZ7N3kZJgEo3OecAFPKejUAWZdu%2BpcD8MFxttNbLuWUxZA@mail.gmail.com> References: <CAFuaoCR5eMktyPc0ZRoOTVvMw1QQd4Z7QDe_YkxgR=wMTPXbTw@mail.gmail.com> <CAOjFWZ7N3kZJgEo3OecAFPKejUAWZdu%2BpcD8MFxttNbLuWUxZA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 16, 2012 at 11:05 AM, Freddie Cash <fjwcash@gmail.com> wrote: > Personally, I don't use skipto rules, as I find them to just cause > confusion. ... skipto rules are essential in numerous instances, especially once you start using tableargs, or want to partition your ruleset based on incoming interface. > Personally, I also don't use stateful filter rules ... Perhaps not, but they're useful for outbound connections/dns queries/etc.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y73y0CQW97RJ0cTw_Gs=dhuTDnXadd6-uiT8qnGayvii8g>