Date: Wed, 14 Feb 2001 00:00:20 +0000 From: Josef Karthauser <joe@tao.org.uk> To: Poul-Henning Kamp <phk@critter.freebsd.dk> Cc: Luigi Rizzo <rizzo@aciri.org>, imp@harmony.village.org, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/sys/netinet ip_fw.c ip_fw.h src/sbin/ipfw ipfw.8 ipfw.c Message-ID: <20010214000020.B2265@tao.org.uk> In-Reply-To: <52786.982090097@critter>; from phk@critter.freebsd.dk on Tue, Feb 13, 2001 at 07:48:17PM %2B0100 References: <200102131841.f1DIfEJ31419@iguana.aciri.org> <52786.982090097@critter>
next in thread | previous in thread | raw e-mail | index | archive | help
--CdrF4e02JqNVZeln Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Feb 13, 2001 at 07:48:17PM +0100, Poul-Henning Kamp wrote: > > > >does what i wanted. So you can jump to your "forwarding list" > >with a rule like > > > > ipfw add skipto 10000 ip from any to any out recv any > > > >and have code your access-list 10000 as your forwarding ruleset. >=20 > I still think having separate lists, with well defined insert > points would make it a lot easier for people. >=20 > I generally meet a lot of people who have trouble with the > fact that a forwarded packet gets filteret twice... =2E.. and how does ipfw interact with packets received via IPSec? Is it different between transport and tunnel modes? What if ipenc (gif) traffic is tunnelled. Do we get all three goes through the ipfw rules? (the ESP packet, the IPENC packet, and the encapsulated packet). Separate lists would help to clarify these also. Joe --CdrF4e02JqNVZeln Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjqJypQACgkQXVIcjOaxUBbGjACeK5LSei4c3BVt3neRWLrUuiVR jAMAniHo4sVqsb5JIucpf9P/+NF98aLu =sUwo -----END PGP SIGNATURE----- --CdrF4e02JqNVZeln-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010214000020.B2265>