Date: Sun, 28 Mar 1999 19:53:21 +0300 From: Ruslan Ermilov <ru@ucb.crimea.ua> To: Luigi Rizzo <luigi@labinfo.iet.unipi.it> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: ipfw behavior, is it normal? Message-ID: <19990328195321.A83154@relay.ucb.crimea.ua> In-Reply-To: <199903281348.PAA03730@labinfo.iet.unipi.it>; from Luigi Rizzo on Sun, Mar 28, 1999 at 03:48:36PM %2B0200 References: <19990328152846.B065314C14@hub.freebsd.org> <199903281348.PAA03730@labinfo.iet.unipi.it>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Mar 28, 1999 at 03:48:36PM +0200, Luigi Rizzo wrote: > > > should we add another instruction to ipfw > > > > > > <action> <proto> between A and B ... > > > > > > to ease life in configuring firewalls ? Performance of a ruleset > > > will be only marginally improved, but having simpler rules will > > > indirectly make configurations more secure by reducing mistakes. > > > > i understand between to be a short cut that replaces "from A to B" > > and "from B to A". > > functionally, yes. but it would map (and you would see) only a single > ipfw rule. > allow ip between any and any ;-) -- Ruslan Ermilov Sysadmin and DBA of the ru@ucb.crimea.ua United Commercial Bank +380.652.247.647 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990328195321.A83154>