From owner-freebsd-questions Wed May 8 12:53:22 2002
Date: Wed, 8 May 2002 16:49:43 -0300 (ART)
From: Fernando Gleiser
To: parv
Cc: f-q
Subject: Re: converting from ipf to ipfw
In-Reply-To: <20020508184329.GB52793@moo.holy.cow>
Message-ID: <20020508163730.C35226-100000@localhost>

On Wed, 8 May 2002, parv wrote:

> I have been using ipfilter for a long time. A recent change in the ipf
> source has disallowed use of "port" with "log" as an action. For
> details, see the thread: ipf - "log" problem when port is specified
> (after Mar. 16 2002 source).
>
> Now, I am thinking of switching to ipfw. Are there any pointers --
> besides editing/recompiling the kernel -- for somebody who is coming
> from an ipf background? I will be using ipfw only as a firewall; I don't
> have any need for natd yet.

Are you saying that because of that you are going to switch firewalls? Changing firewalls is not a trivial decision, and I would find out if there is a solution in my current firewall before I switch. I'd try to find a fix with ipf before I switch. Did you try sending mail to the ipf list and asking if that is a bug or a feature?
Besides, your problem is easily fixed: just change

    log body in on tun0 from any to any port < 1025 group 200

to:

    log body in on tun0 proto tcp from any to any port < 1025 group 200
    log body in on tun0 proto udp from any to any port < 1025 group 200

In ipf, 'port' has required either 'proto tcp' or 'proto udp' for as long as I can remember, at least with 'pass', 'block' or 'count'.

		Fer

> - parv

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
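The fix above generalises to a quick check you can run over a whole ruleset before loading it: any ipf rule that matches on "port" must also name a transport protocol ("proto tcp", "proto udp", or ipf's combined "proto tcp/udp"). The script below is an added example written for this page, not code from the mail or from the ipf project; the function names and the sample ruleset (which reproduces the failing rule from the thread alongside the corrected ones) are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint an ipf ruleset for rules that use "port" without
# "proto tcp", "proto udp" or "proto tcp/udp". Not part of the original mail.

# Print each offending rule from stdin, prefixed by its line number.
# Usage: lint_ipf_port_rules < /etc/ipf.rules
lint_ipf_port_rules() {
    awk '
        # strip trailing comments and skip blank lines
        { sub(/#.*/, ""); if ($0 ~ /^[ \t]*$/) next }
        # a rule that matches on a port needs a transport protocol
        / port / && !/proto (tcp|udp|tcp\/udp)( |$)/ { print NR ": " $0 }
    '
}

# Return 0 if the ruleset on stdin is clean, 1 if any rule is flagged.
ipf_port_rules_ok() {
    [ -z "$(lint_ipf_port_rules)" ]
}

# Constructed sample ruleset (hypothetical): line 2 is the problem rule
# from the thread, lines 3-4 are the corrected forms, line 5 uses the
# combined tcp/udp form, and line 6 is another rule that would be flagged.
SAMPLE_RULES='# log low ports on tun0
log body in on tun0 from any to any port < 1025 group 200
log body in on tun0 proto tcp from any to any port < 1025 group 200
log body in on tun0 proto udp from any to any port < 1025 group 200
pass in quick on tun0 proto tcp/udp from any to any port = 53 keep state
block in log quick on tun0 from any to any port = 22'

# Stand-alone run: prints the two offending rules (lines 2 and 6).
printf '%s\n' "$SAMPLE_RULES" | lint_ipf_port_rules
```

Pipe a real ruleset into lint_ipf_port_rules (or gate an ipf -Fa -f reload on ipf_port_rules_ok) to catch the missing-proto case before ipf rejects it at load time.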