Date: Wed, 6 Jun 2018 21:07:09 +0300 From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: Dries Michiels <driesm.michiels@gmail.com>, freebsd-ipfw@freebsd.org Subject: Re: Matching rules on ip4/ip6 with udp/tcp Message-ID: <4f4df436-0ccd-4763-5c48-190569e2b45b@yandex.ru> In-Reply-To: <001001d3fdbc$d804d270$880e7750$@gmail.com> References: <001001d3fdbc$d804d270$880e7750$@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --fMBq7BgNhI5lOisA3lThO2tJh3SD3jNaN Content-Type: multipart/mixed; boundary="wrmAyMWWBoRn7v6XYJL1HhOCKx2cLycwP"; protected-headers="v1" From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: Dries Michiels <driesm.michiels@gmail.com>, freebsd-ipfw@freebsd.org Message-ID: <4f4df436-0ccd-4763-5c48-190569e2b45b@yandex.ru> Subject: Re: Matching rules on ip4/ip6 with udp/tcp References: <001001d3fdbc$d804d270$880e7750$@gmail.com> In-Reply-To: <001001d3fdbc$d804d270$880e7750$@gmail.com> --wrmAyMWWBoRn7v6XYJL1HhOCKx2cLycwP Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 06.06.2018 20:36, Dries Michiels wrote: > Dear Mailing List, >=20 > Is there are way to match packets specifying both network generation ip= 4 or > ip6 together with the protocol such as tcp or udp? >=20 > Currently the following rules are possible (examples): >=20 > ipfw add 1 allow udp from any to me 22 in recv em0 > > The following rule is not possible (example): >=20 > ipfw add 1 allow ip4 udp from any to me 22 in recv em0 You can use "proto" option: ipfw add 1 allow ip4 from any to me 22 in recv em0 proto tcp ipfw add 1 allow tcp from any to me 22 in recv em0 not proto ip6 ipfw add 1 allow ip6 from any to me 22 in recv em0 proto tcp --=20 WBR, Andrey V. Elsukov --wrmAyMWWBoRn7v6XYJL1HhOCKx2cLycwP-- --fMBq7BgNhI5lOisA3lThO2tJh3SD3jNaN Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEzBAEBCAAdFiEE5lkeG0HaFRbwybwAAcXqBBDIoXoFAlsYIs0ACgkQAcXqBBDI oXqDGAf/Zhnvz6GvXrNIdSFMS16UTBWxL9X1gJUVR3ySKVFynH7ZgHNNy2MMNkW8 UW679aY8AK+78/tHuhFyDcUUMGs349C8CQiehGLXhtyUp5nxBzCOvRQ9cD7z1jG5 HgVFXuY6OP0jgAeFBey6r37zt0rGn9/fsqGRRJsgOSmyLQ1LBnCDwt8SnYrPMNe8 fGRWALVFNOiAOQbJZcc5F7vWJUh1hsIKVv1YiORPUi9sydQU/PUjEsysjMzAfm1u 5mJxgRTnMiMv/+ZUMYeyQHJtfiFFJM2+aIY3fH5IwLKek9o7PRPMOMzY/NxUzsHi pi4josEJtbRdOk06byQslFWf8nexMQ== =g2Wz -----END PGP SIGNATURE----- --fMBq7BgNhI5lOisA3lThO2tJh3SD3jNaN--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4f4df436-0ccd-4763-5c48-190569e2b45b>