Date: Mon, 19 May 2014 17:38:47 +0400 From: Dennis Yusupoff <dyr@smartspb.net> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: Re: [Was]: Problem with ipfw table add 0.0.0.0/8 Message-ID: <537A0967.1000808@smartspb.net> In-Reply-To: <537A0560.2070902@gmail.com> References: <5371084F.1060009@bsdinfo.com.br> <F78BF3AC-F031-4528-A4C1-5B22E88CEC00@dataix.net> <5371112B.2030209@bsdinfo.com.br> <5371E9E7.70400@smartspb.net> <5371F4C8.3080501@FreeBSD.org> <53720AA4.80909@smartspb.net> <537767C5.80205@FreeBSD.org> <53783333.3010205@freebsd.org> <F061517D-0A79-4734-A032-1F2BE060C8F6@dataix.net> <CAC%2BJH2xDM2u97Oa1YsG78x_6xdzTpBS-QD-cSfaWSKkKBU8GDg@mail.gmail.com> <5379C6B6.4030105@smartspb.net> <537A00AC.6050305@FreeBSD.org> <537A0560.2070902@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
It's not enough, actually. Imagine what you have a table with different networks. If you'll try to find out is an IP belongs to some of that networks from the table, you should to write relatively serious "wrapper" with network range calculations in it. Or can you show differ (easier) way? So it's REALLY usefull to implement that functions "out-of-the-box". I'm risking to be annoying, but there is a good (from customers point of view) example of tables manipulation in Linux: ipset project (http://ipset.netfilter.org/ipset.man.html) 19.05.2014 17:21, bycn82 пишет: > It will be nice to have this feature, > but since the `ipfw table <id> list` is existing, > so I think this can be implemented outside the ipfw. > (personal opinion only ) > -- Best regards, Dennis Yusupoff, network engineer of Smart-Telecom ISP Russia, Saint-Petersburg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?537A0967.1000808>