From owner-freebsd-ipfw@FreeBSD.ORG Wed Mar 10 11:20:50 2010 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E634F1065670 for ; Wed, 10 Mar 2010 11:20:50 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (lurza.secnetix.de [IPv6:2a01:170:102f::2]) by mx1.freebsd.org (Postfix) with ESMTP id 6D7C38FC21 for ; Wed, 10 Mar 2010 11:20:50 +0000 (UTC) Received: from lurza.secnetix.de (localhost [127.0.0.1]) by lurza.secnetix.de (8.14.3/8.14.3) with ESMTP id o2ABKXGS002323; Wed, 10 Mar 2010 12:20:49 +0100 (CET) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.14.3/8.14.3/Submit) id o2ABKXoa002322; Wed, 10 Mar 2010 12:20:33 +0100 (CET) (envelope-from olli) Date: Wed, 10 Mar 2010 12:20:33 +0100 (CET) Message-Id: <201003101120.o2ABKXoa002322@lurza.secnetix.de> From: Oliver Fromme To: freebsd-ipfw@FreeBSD.ORG, rizzo@iet.unipi.it In-Reply-To: <20100309164611.GB53491@onelab2.iet.unipi.it> X-Newsgroups: list.freebsd-ipfw User-Agent: tin/1.8.3-20070201 ("Scotasay") (UNIX) (FreeBSD/6.4-PRERELEASE-20080904 (i386)) MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.2 (lurza.secnetix.de [127.0.0.1]); Wed, 10 Mar 2010 12:20:49 +0100 (CET) Cc: Subject: Re: Small problem with "ipfw list" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Mar 2010 11:20:51 -0000 Luigi Rizzo wrote: > On Tue, Mar 09, 2010 at 03:36:15PM +0100, Oliver Fromme wrote: > > Just a question: Is the output from "ipfw list" supposed > > to be in the same rule format that is accepted as input? > > it is not, partly due to backward compatibility. I see. > If you try "ipfw -c show" then you might have better luck though. Unfortunately that makes things even worse. The "dst-ip" word is still there, and additionally any rules containing "from any to any" are shortened, which is also not accepted as input to ipfw(8). What do you think about adding a new option that lists the rules in a format that can be fed back as input to ipfw(8)? There are several tools with similar options, for example "stty -g". So far -g is not used in ipfw(8), so ... Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd I suggested holding a "Python Object Oriented Programming Seminar", but the acronym was unpopular. -- Joseph Strout