Date: Thu, 2 Mar 95 18:34:50 IST From: "Ugen J.S.Antsilevich" <ugen@netvision.net.il> To: Richard Wackerbarth <rkw@dataplex.net>, Luigi Rizzo <luigi@labinfo.iet.unipi.it> Cc: hackers@FreeBSD.org, ugen@netvision.net.il Subject: Re: Playing with ipfw... Message-ID: <Chameleon.950302183631.ugen@ugen.NetManage.co.il>
next in thread | raw e-mail | index | archive | help
>In my opinion, it makes no much sense in the user interface to >specify the source port. It would be less confusing to assume that >a port is actually a service, and filter access to services. I'd >like something like the following: > > accept tcp from source.host to dest.host portX > >to mean "source.host is allowed access to service on portX on dest.host" But this one you have already: This one allows access to telnet port from outside... ipfw addf accept tcp from source.host to dest.host portX And you probably need not any other definition because packets from dest.host to source.host was never denied... -- -=Ugen J.S.Antsilevich=- NetVision - Israeli Commercial Internet | Learning E-mail: ugen@NetVision.net.il | To Fly. [c] Phone : +972-4-550330 |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Chameleon.950302183631.ugen>