Date: Sat, 13 Sep 2014 12:51:59 -0700 From: Freddie Cash <fjwcash@gmail.com> To: bycn82 <bycn82@gmail.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: IPFW rule sets and automatic rule numbering Message-ID: <CAOjFWZ749EazFz1prFRfidp9bqmqO%2B=%2BXFsu7mVtE%2Bnq2CxwKw@mail.gmail.com> In-Reply-To: <541469D4.6070107@gmail.com> References: <CAOjFWZ4rx4FAc4AoPw3d=cSg4-z_QOWEF=phkT2PuzfUjn0y5A@mail.gmail.com> <CAOjFWZ6i1%2BgCZ9jMnBNEGqL7airdxN3d=B0__Z_Zj1gGG4APKg@mail.gmail.com> <541469D4.6070107@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
You can replicate it using 3 rules, loaded into two sets: ipfw set disable 1 ipfw add allow ip from any to any ipfw add 65524 allow ip from any to any ipfw add allow ip from any to any ipfw set swap 1 0 Run that two or 3 times. Every rule will be numbered 65534 after the 2nd or 3rd run. I expected it to be numbered 10, 65524, 65534 after every run. However, after reading the man page a few more times and thinking about it a little more, it makes sense that the numbering is global across all sets, as you can have multiple sets enabled simultaneously. It just doesn't mesh with my desire to use auto numbering. I'm in the midst of manually numbering all my rules now. :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOjFWZ749EazFz1prFRfidp9bqmqO%2B=%2BXFsu7mVtE%2Bnq2CxwKw>