From owner-freebsd-stable Sat Aug 31 15: 5:42 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 68EE437B400 for ; Sat, 31 Aug 2002 15:05:39 -0700 (PDT) Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id 13A3A43E6A for ; Sat, 31 Aug 2002 15:05:39 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: from iguana.icir.org (localhost [127.0.0.1]) by iguana.icir.org (8.12.3/8.11.3) with ESMTP id g7VM5cIb070108; Sat, 31 Aug 2002 15:05:38 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: (from rizzo@localhost) by iguana.icir.org (8.12.3/8.12.3/Submit) id g7VM5cQs070107; Sat, 31 Aug 2002 15:05:38 -0700 (PDT) (envelope-from rizzo) Date: Sat, 31 Aug 2002 15:05:38 -0700 From: Luigi Rizzo To: "Jeffrey J. Mountin" Cc: Kenneth W Cochran , freebsd-stable@FreeBSD.ORG Subject: Re: IPFW2 option in -stable kernel config Message-ID: <20020831150538.A69952@iguana.icir.org> References: <200208311312.JAA118809063@shell.TheWorld.com> <4.3.2.20020831112817.00e57e30@207.227.119.2> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <4.3.2.20020831112817.00e57e30@207.227.119.2>; from jeff-ml@mountin.net on Sat, Aug 31, 2002 at 12:15:33PM -0500 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, Aug 31, 2002 at 12:15:33PM -0500, Jeffrey J. Mountin wrote: ... > The only thing I'm curious about is just how far the range functionality > goes. Would be nice to extend the following example given: > > ... ip from 1.2.3.0/24{50,6,27,158} to ... ranges are limited to /24 or larger masks (partly to simplify parsing, partly because the bitmap grows exponentially with smaller masks). In fact, the subnet part is totally redundant (it suffices to lookup the list of numbers between brackets), but again its presence gives you a bit more error checking and eases parsing. I have been thinking about the use of ranges within the bitmap, e.g. 1.2.36.0/24{10-19,55,60-89,30}, this will be probably be added in a future release. cheers luigi > To say: > > ... ip from 1.2.36.0/22{36.1,37.2,38.3,39.4} to ... > > And if ranges could be used such as 36.1-10 with such a rule. > > ... ip from 1.2.36.0/22{36.10-19,37.20-29,38.30-39,39.40-49} to ... > > Might be wishful thinking. > Have CC'd Luigi to find out. > > cheers! > > > Jeff Mountin - jeff@mountin.net > Systems/Network Administrator > FreeBSD - the power to serve > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message