Date: Sat, 29 Dec 2001 14:07:51 -0600 (CST) From: Nick Rogness <nick@rogness.net> To: Joe & Fhe Barbish <barbish@a1poweruser.com> Cc: FBSD Questions <questions@FreeBSD.ORG> Subject: Re: ipfw commands Message-ID: <Pine.BSF.4.21.0112291353010.13502-100000@cody.jharris.com> In-Reply-To: <LPBBIGIAAKKEOEJOLEGOOELICKAA.barbish@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 29 Dec 2001, Joe & Fhe Barbish wrote: > I created a file containing my add statements. What is the ipfw command > to load this file after ipfw has been started at boot up? # ipfw rules.filename Or if you want them to load on system startup, you would add the following in /etc/rc.conf: firewall_type="rules.filename" > The FBSD handbook says that you can tell ipfw to create a rules file > from it's internal table using the ipfw list command. What is the > format of to ipfw command to generate the rules file? You are probably referring to: # ipfw list > rules.filename But that won't generate a useful rules file, because you are missing the "add" statement before each line. The lines in rules.filename should look like: add 1000 allow ip from any to any via ed0 add 1200 allow tcp from any to any 80 > > Why does the output from the ipfw list command look different from > what the rules look like going in? As stated above, you are missing the "add" option at the beginning of the line. > Is there some option to get the list rules command to list the rules > like they were entered? Not that I am aware of. You could still use `ipfw list > rules.filename` and edit the rules.filename when it is done and enter the needed "add" option at the beginning of each line. > > I do not have line numbers on my add rule statement. > The rules seem to work correctly. > Are the line numbers necessary? > No. It will add them one after the other. > Are there any commonly used ipfw command options that you think I would > benefit knowing of? > See the man page for ipfw for more usefull output. I frequently use: ipfw -a l Nick Rogness <nick@rogness.net> - Don't mind me...I'm just sniffing your packets To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0112291353010.13502-100000>