From owner-freebsd-net@FreeBSD.ORG Mon May 19 07:51:37 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E7C35D22; Mon, 19 May 2014 07:51:36 +0000 (UTC) Received: from mail-we0-x22b.google.com (mail-we0-x22b.google.com [IPv6:2a00:1450:400c:c03::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2EB492B98; Mon, 19 May 2014 07:51:36 +0000 (UTC) Received: by mail-we0-f171.google.com with SMTP id w62so5137852wes.16 for ; Mon, 19 May 2014 00:51:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=WM0LBd5QUeZyWbL58/zzO0XKbOOeUKBTazv7c7FdTnI=; b=ZMfxDtRWk/0zT+WxcIxDBLVDEl1uVPW3AGmz9rDm0/TAPNul3ZH5bK8CBS9SMSxKR1 qG00HL4GH4tIn4Lasr3Ss0A/S107ptsaXITSeYXk5GyG4pIs5FPdUYIB/x7tpzm5k9YV NX4WoJOh25FpdVYGS+kk63Py8v/T8PExRt8IWvJhy0WFNyhuV4rB6aB9utg7LdLy0VvP WLUS56XGxwSxB5blkgeE919IdUaNa9W7ijDtap5imZuQOV6I+/30fisTcLpgLuCm+AeZ KW66DLOQOSuqS485KT68YShcKZQA6QZwDP+QLdOzqHlrzNGcq4zaLX2WCeCF2dwBrfl5 xZ9w== MIME-Version: 1.0 X-Received: by 10.180.107.97 with SMTP id hb1mr11472898wib.20.1400485894419; Mon, 19 May 2014 00:51:34 -0700 (PDT) Received: by 10.216.116.136 with HTTP; Mon, 19 May 2014 00:51:34 -0700 (PDT) In-Reply-To: References: <5371084F.1060009@bsdinfo.com.br> <5371112B.2030209@bsdinfo.com.br> <5371E9E7.70400@smartspb.net> <5371F4C8.3080501@FreeBSD.org> <53720AA4.80909@smartspb.net> <537767C5.80205@FreeBSD.org> <53783333.3010205@freebsd.org> Date: Mon, 19 May 2014 15:51:34 +0800 Message-ID: Subject: Re: Problem with ipfw table add 0.0.0.0/8 From: Bill Yuan To: Jason Hellenthal Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: Dennis Yusupoff , FreeBSD Net , "Alexander V. Chernikov" , Marcelo Gondim X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2014 07:51:37 -0000 Hi Alex, You guys are chatting here! I agree with you, the table is the place should be enhanced, and I am working in this way as described below 1. Support more types. ip : cidr ipv4 : same as ip ipv6 : ip addr v6 mac : mac address iface : interface name interface : same as iface port : it is Alex's idea, I dont know how it works. 2. Setup the table type ipfw table type it will setup the type of the table, and flush the table 3. Get table type ipfw table type show 4. Add item into the table ipfw table add a. get the type of table b. if the type is not defined yet, that also means the table is new or empty, then guess the type based on the c. format the and insert into the table. In this way so call "back compatible" 5. how to use table case 1 ipfw add [line] allow icmp from "table(1)" to "table(2)" in the ipfw userland command, it should check the table1 and table 2 should be ipv4 or ipv6 type case 2 ipfw add allow icmp from any to any MAC "table(3)" "table(4)" in this case, the table(3) and table(4) should be a table of MAC addresses. case 3 ipfw add allow icmp from any to any via table(5) in this case, the table 5 should be table of interface names. currently I am working on the mac type. :) On Sun, May 18, 2014 at 12:47 PM, Jason Hellenthal wrote: > > > > On May 18, 2014, at 0:12, Julian Elischer wrote: > >> 2) Table type/name can be specified explicitly via one of the following > commands: > >> * ipfw table 1 create [type ] [name > "table_name"] > > type "ports" would be nice but tricky to do right. > > That . . . would be a great addition and have me switching from pf to ipfw. > > Pullllease do! :-)