Date: Wed, 8 May 2002 16:22:43 -0400
From: parv <parv@pair.com>
To: Fernando Gleiser <fgleiser@cactus.fi.uba.ar>
Cc: f-q <freebsd-questions@freebsd.org>
Subject: Re: converting from ipf to ipfw
Message-ID: <20020508202242.GA54944@moo.holy.cow>
In-Reply-To: <20020508163730.C35226-100000@localhost>
References: <20020508184329.GB52793@moo.holy.cow> <20020508163730.C35226-100000@localhost>

in message <20020508163730.C35226-100000@localhost>,
wrote Fernando Gleiser thusly...
>
> On Wed, 8 May 2002, parv wrote:
>
> > i have been using ipfilter for a long time. recent change in ipf
> > source has disallowed use of "port" w/ "log" as an action. for
...
> > now, i am thinking of switching to ipfw.
>
> Are you saying that because of that you are going to switch firewalls?

yes...

> Changing the firewalls is not a trivial decision, and I would find
> if there is a solution in my current firewall before I switch.

...it is trivial here -- besides non-trivial learning of new filtering
language -- as firewall is used for a single machine connected to
internet via dial up modem.

> Did you try sending mail to the ipf list and asking if that is a bug or
> a feature?

that never had entered my mind...

> Besides, your problem is easily fixed: just change
>
> log body in on tun0 from any to any port < 1025 group 200
>
> to:
>
> log body in on tun0 proto tcp from any to any port < 1025 group 200
> log body in on tun0 proto udp from any to any port < 1025 group 200

yes, that solved my problem. thank you fernando.

btw, same suggestion was also made by ivailo tanusheff but i hadn't
tried it before starting this thread. so, i should also thank ivailo
retroactively.

> in ipf 'port' required either 'proto tcp' or 'proto udp' for as
> long as I remember, at least with 'pass', 'block' or 'count'

it seems "log" action has been changed recently to behave the same way.

ok, my problem has been resolved & i am not in any hurry to switch to
ipfw anymore, but query still remains: any specific pointers, for
future, if somebody is converting to ipfw from ipf?

 - parv

--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
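
The fix discussed in the message above, applied to a whole ruleset: an added example, not written by either poster and not part of ipfilter. The function name `ipf_split_port_rules` is hypothetical, the rewrite assumes each affected rule has a `from` clause, and the sample ruleset is constructed except for its `log body` rule, which is the one quoted in the thread.

```shell
#!/bin/sh
# Read an ipf ruleset on stdin and write it to stdout, replacing every rule
# that matches on "port" without a "proto" keyword by a "proto tcp" rule and
# a "proto udp" rule, as suggested in the thread.
ipf_split_port_rules() {
    awk '
    {
        code = $0
        hash = index(code, "#")          # ignore anything after a comment marker
        if (hash > 0) code = substr(code, 1, hash - 1)

        uses_port = (code ~ /(^|[ \t])port[ \t]/)
        has_proto = (code ~ /(^|[ \t])proto[ \t]/)

        # "proto" belongs directly in front of the "from" clause.
        if (uses_port && !has_proto && match(code, /[ \t]from[ \t]/)) {
            head = substr($0, 1, RSTART - 1)
            tail = substr($0, RSTART)
            print head " proto tcp" tail
            print head " proto udp" tail
        } else {
            print                        # comments, blank lines, rules already fine
        }
    }'
}

# Constructed sample ruleset; only the "log body" rule comes from the thread.
ipf_split_port_rules <<'EOF'
# rules for the dial-up interface
log body in on tun0 from any to any port < 1025 group 200
block in on tun0 proto tcp from any to any port = 23
pass out on tun0 all
EOF
```

Diffing the output against the original file shows exactly which rules were relying on the old behaviour before the new ruleset is loaded.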