From owner-freebsd-ipfw@FreeBSD.ORG  Sun Nov  7 20:08:16 2004
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E132F16A4CE
	for <freebsd-ipfw@freebsd.org>; Sun,  7 Nov 2004 20:08:16 +0000 (GMT)
Received: from mta6.srv.hcvlny.cv.net (mta6.srv.hcvlny.cv.net [167.206.5.72])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8112643D3F
	for <freebsd-ipfw@freebsd.org>; Sun,  7 Nov 2004 20:08:16 +0000 (GMT)
	(envelope-from asym@rfnj.org)
Received: from risen.rfnj.org (ool-457369de.dyn.optonline.net
	[69.115.105.222]) by mta6.srv.hcvlny.cv.net
	(iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar  3 2004))
	with ESMTP id <0I6T00L0TRXP4Y@mta6.srv.hcvlny.cv.net> for
	freebsd-ipfw@freebsd.org; Sun, 07 Nov 2004 15:08:13 -0500 (EST)
Date: Sun, 07 Nov 2004 15:08:18 -0500
From: asym <asym@rfnj.org>
In-reply-to: <1099856264.652.276.camel@Mobile1.276NET>
X-Sender: asym@rfnj.org@mail.rfnj.org
To: martes.wigglesworth@earthlink.net,
	ipfw-mailings <freebsd-ipfw@freebsd.org>
Message-id: <6.1.2.0.2.20041107145238.02ef3e98@mail.rfnj.org>
MIME-version: 1.0
X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0
Content-type: text/plain; charset=us-ascii; format=flowed
Content-transfer-encoding: 7BIT
References: <1099856264.652.276.camel@Mobile1.276NET>
Subject: Re: Listing multiple subnets w/ specific host addresses..
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Nov 2004 20:08:17 -0000

At 14:37 11/7/2004, Martes Wigglesworth wrote:
>Does anyone know how to list the following rule?  I am unable to find a
>working example of such a declaration.
>
>add log ip from any to \{ 192.168.1.0/24{a,b,c} or
>192.168.2.0/24{d,e,f,g} \}
>
>The backslash works while listing more than one interface at the end of
>rules, however, whenever I use it as above, I get parenthesis errors.
>This current format give  the following error on the console:
>
> > sudo ipfw add pass log ip from any to \{ 192.168.1.0/24 { 23,24,35,60
>} or 192.168.2.0/24 { 24,25,26,50 }\}
>ipfw: missing ")"

ipfw add count log ip from any to 192.168.1.0/24\{23,24,35,60\}
ipfw add count log ip from any to 192.168.2.0/24\{24,25,26,50\}

I do not believe you can specify both subnets on one line as you're trying 
to do with the brackets.

Note the lack of spaces in the commands I have shown vs. the spaces in your 
own.