Date: 20 Aug 2001 15:43:54 +0200 From: "clemensF" <rabat@web.de> To: "Albert Yang" <albert@achtung.com>, freebsd-small@freebsd.org Subject: Re: Stateful Message-ID: <20010820154354.O958@spotteswoode.yi.org> In-Reply-To: <Pine.BSF.4.21.0009071706020.48373-100000@sneakerz.org>; from missnglnk@sneakerz.org on Thu, Sep 07, 2000 at 05:09:27PM -0500 References: <39B7A867.14388.FD8738@localhost> <Pine.BSF.4.21.0009071706020.48373-100000@sneakerz.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Thu, 7 Sep 2000, Albert Yang wrote:
>
> > Date: Thu, 7 Sep 2000 14:38:31 -0700
> > From: Albert Yang <albert@achtung.com>
> > To: freebsd-small@freebsd.org
> > Subject: Stateful
>
> ipfw add check-state
> ipfw add allow ip from any to any in via internalN keep-state
> ipfw add allow ip from any to any out via internalN keep-state
> ipfw add allow ip from any to any out via externalN keep-state
> ipfw add deny ip from any to any
is this really all one has to do? no tweaks with sysctl(1) or somesuch?
are {in,ex}ternalN expanded by ipfw(1)?
regards,
clemens fischer
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-small" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010820154354.O958>