Date: Wed, 10 Sep 2003 03:51:00 +1000 From: Tim Burgess <tim@queens.unimelb.edu.au> To: freebsd-net@freebsd.org Subject: Re: how do I delete just one ipfw rule ? Message-ID: <2C48594F-E2EE-11D7-9E24-000393BE2C60@queens.unimelb.edu.au> In-Reply-To: <Pine.BSF.4.21.0309091042420.46339-100000@InterJet.elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi All, There would be no theoretical problem with adding syntax to ipfw(8) (and possibly to its kernel interface) to delete a particular rule would there? eg ipfw delete 1234.5 to delete the fifth instance of rule 1234? There is clearly a fixed order to the rules, since they apply in order. Not that I'm volunteering or anything, but yeah :) Tim On Wednesday, September 10, 2003, at 03:45 AM, Julian Elischer wrote: > > > On Tue, 9 Sep 2003, Josh Brooks wrote: > >> >> >> >> On Tue, 9 Sep 2003, Luigi Rizzo wrote: >> >>> no, it is not possible to delete them -- you have no way to tell >>> which rule to delete when multiple rules share the same number. >> >> Are there any plans to make ipfw more flexible by changing the 65535 >> to >> the next power of two ? So there are a lot more rules ? > > The rule number is only 16 bits long.. > > This is made use of in 'divert' where the rule number that caused the > divert is in the port-number field when you do a recvfrom(). > if you change this, it won't work.. > > On "sendto()" teh rule number is used to suggest where the packet > "re-enters" the filter. if you pass it back unchanged then > it reenters the filter at the next rule after the one that diverted > it.. > (i.e. where it left off) > > >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2C48594F-E2EE-11D7-9E24-000393BE2C60>