From owner-freebsd-questions Sun Apr 15 14:44:43 2001 Delivered-To: freebsd-questions@freebsd.org Received: from cody.jharris.com (cody.jharris.com [205.238.128.83]) by hub.freebsd.org (Postfix) with ESMTP id 3E35737B43F for ; Sun, 15 Apr 2001 14:44:37 -0700 (PDT) (envelope-from nick@rogness.net) Received: from localhost (nick@localhost) by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f3FMojJ63733; Sun, 15 Apr 2001 17:50:45 -0500 (CDT) (envelope-from nick@rogness.net) Date: Sun, 15 Apr 2001 17:50:45 -0500 (CDT) From: Nick Rogness X-Sender: nick@cody.jharris.com To: The Hermit Hacker Cc: freebsd-questions@FreeBSD.ORG Subject: Re: [IPFW] writing rules ... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 15 Apr 2001, The Hermit Hacker wrote: > > Can someone confirm for me whether I'm reading something like the below > correctly? > > Basically, ruleset 0107[01] will only get triggered for port != > (20,21,873,80), as, if its something on port 20, then it will stop > processing at rule 0101[01]? > > 01010 1302 127709 pipe 1 tcp from ###.###.##.## 20,21 to any > 01011 1298 67573 pipe 1 tcp from any to ###.###.##.## 20,21 > > 01040 588 874583 pipe 1 tcp from ###.###.##.## 873 to any > 01041 531 21248 pipe 1 tcp from any to ###.###.##.## 873 > > 01050 7220 8202922 pipe 2 tcp from ###.###.##.## 80 to any > 01051 5576 471509 pipe 2 tcp from any to ###.###.##.## 80 > > 01070 906 1021266 pipe 2 tcp from ###.###.##.## to any > 01071 786 40827 pipe 2 tcp from any to ###.###.##.## > Your assumptions are correct. Nick Rogness - Keep on Routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message