Date: Sat, 20 Sep 2003 18:20:19 +0200 From: Pawel Malachowski <pawmal-posting@freebsd.lublin.pl> To: freebsd-ipfw@freebsd.org Cc: olli@lurza.secnetix.de Subject: Re: ssh/scp filtering, iplen problem Message-ID: <20030920162019.GA30356@shellma.zin.lublin.pl> In-Reply-To: <200309201510.h8KFAOxL062601@lurza.secnetix.de> References: <200309201510.h8KFAOxL062601@lurza.secnetix.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Sep 20, 2003 at 05:10:24PM +0200, Oliver Fromme wrote: > According to ipfw(8), there is an "iplen" option for > filtering -- but it filters on an exact size. What I > need is a way to specify a rule that matches on, say, > packets on port 22 that are larger than 1000 bytes. > Is that possible with IPFW2? Yes, thanks to Luigi it is possible to use iplen ranges. -- Paweł Małachowski
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030920162019.GA30356>