Date: Wed, 4 Sep 2002 08:13:30 -0700 From: Luigi Rizzo <rizzo@icir.org> To: Trish Lynch <trish@bsdunix.net> Cc: freebsd-net@FreeBSD.ORG Subject: Re: Quention for ipfw2 people. Message-ID: <20020904081330.A11081@iguana.icir.org> In-Reply-To: <20020904085744.B437-100000@femme.sapphite.org>; from trish@bsdunix.net on Wed, Sep 04, 2002 at 09:00:29AM -0400 References: <20020904085744.B437-100000@femme.sapphite.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Trish,
please read the manpage which tells you the syntax for
OR blocks (it has changed slightly since the first
implementation in order to remove ambiguities).
You need to put braces around the alternatives i.e.
add 02000 allow tcp from { 66.80.75.0/29 or 216.0.51.128/26 or
216.0.51.192/27 or 68.50.99.190 or 216.5.117.32/27 } to any 22
cheers
luigi
On Wed, Sep 04, 2002 at 09:00:29AM -0400, Trish Lynch wrote:
> Luigi and others:
>
> I just started putting ipfw2 into use in testing on some rulesets,
> and I'm trying to do this:
>
> add 02000 allow tcp from 66.80.75.0/29 or 216.0.51.128/26 or
> 216.0.51.192/27 or 68.50.99.190 or 216.5.117.32/27 to any 22
>
> and its giving me this:
>
> ipfw: invalid OR block
>
>
> Now this seems to be the syntax sent out by Luigi on his first
> announcement of ipfw2 a few months ago... and I doing something wrong?
>
> -Trish
>
> --
> Trish Lynch trish@bsdunix.net
> Ecartis Core Team trish@listmistress.org
> Key fingerprint = C44E 8E63 6E3C 18BD 608F E004 9DC7 C2E9 0E24 DFBD
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020904081330.A11081>