From owner-freebsd-ipfw@FreeBSD.ORG Tue May 27 05:01:04 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8000137B404 for ; Tue, 27 May 2003 05:01:04 -0700 (PDT) Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id DA02243F85 for ; Tue, 27 May 2003 05:01:02 -0700 (PDT) (envelope-from on@cs.ait.ac.th) Received: from banyan.cs.ait.ac.th (on@banyan.cs.ait.ac.th [192.41.170.5]) by mail.cs.ait.ac.th (8.12.3/8.9.3) with ESMTP id h4RC02gC024991; Tue, 27 May 2003 19:00:24 +0700 (ICT) Received: (from on@localhost) by banyan.cs.ait.ac.th (8.8.5/8.8.5) id TAA02777; Tue, 27 May 2003 19:01:38 +0700 (ICT) Date: Tue, 27 May 2003 19:01:38 +0700 (ICT) Message-Id: <200305271201.TAA02777@banyan.cs.ait.ac.th> X-Authentication-Warning: banyan.cs.ait.ac.th: on set sender to on@banyan.cs.ait.ac.th using -f From: Olivier Nicole To: eivanov@abv.bg In-reply-to: <1365537713.1054027616171.JavaMail.nobody@storage.ni.bg> (message from Evgeny Ivanov on Tue, 27 May 2003 12:26:56 +0300 (EEST)) References: <1365537713.1054027616171.JavaMail.nobody@storage.ni.bg> X-Virus-Scanned: by amavisd-milter (http://amavis.org/) cc: freebsd-ipfw@freebsd.org Subject: Re: IPFW Question X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2003 12:01:04 -0000 > I want to add a rule that sets limit for all other networks > Is there a way to set rule like : > > add pipe 20 that will match to all network exept those from ${nets} . What about: ipfw add 100 pipe 10 ip from ${nets} to 192.168.1.1 via rl0 ipfw add 200 skipto 400 ip from ${nets} to 192.168.1.1 via rl0 ipfw add 300 pipe 20 any... On first thought it should do the trick. Olivier