Date: 7 May 1997 07:35:19 GMT From: "Nickolay N. Dudorov" <nnd@info.itfs.nsk.su> To: hackers@freebsd.org Subject: Re: divert still broken? Message-ID: <5kpbbn$j4n@news.itfs.nsk.su> References: <Pine.BSF.3.91.970507084130.4479r-100000@panda.hilink.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 6 May 1997, Archie Cobbs wrote: > Proposal: > > deny : drop silently (same as before) > reject : send ICMP unreachable (same as before) [...good proposal snipped..] Looks great. > Anything else? :-) Can it be possible to extend 'negative' comparison logic to other filter components f.e. add 4032 deny all from xxx.xxx.xxx.0 to any out via not cx0 (or not via cx0 ?) Currently this is possible for src and dst addresses (and there is no more available flag bits ;-) N.Dudorov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5kpbbn$j4n>