From owner-freebsd-current Wed Jan 15 08:43:35 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id IAA10268 for current-outgoing; Wed, 15 Jan 1997 08:43:35 -0800 (PST) Received: from rocky.mt.sri.com (rocky.mt.sri.com [206.127.76.100]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id IAA10260; Wed, 15 Jan 1997 08:43:31 -0800 (PST) Received: (from nate@localhost) by rocky.mt.sri.com (8.7.5/8.7.3) id JAA05590; Wed, 15 Jan 1997 09:43:29 -0700 (MST) Date: Wed, 15 Jan 1997 09:43:29 -0700 (MST) Message-Id: <199701151643.JAA05590@rocky.mt.sri.com> From: Nate Williams To: phk@freebsd.org Cc: current@freebsd.org Subject: Re: ipfw cannot do this... In-Reply-To: <27393.853342334@critter.dk.tfs.com> References: <27393.853342334@critter.dk.tfs.com> Sender: owner-current@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > I just found out one thing we need in ipfw, the ability to inverse the > sense of a rule: > > ipfw add deny not ip from 140.145.0.0 to any via ed0 > ipfw add deny not ip from any to 140.145.0.0 via ed1 > ^^^ > ipfw add allow tcp from any to any 23 > ipfw add allow tcp from any to any 25 > ... > > any takers ? I'm not sure I follow what you want. What exactly are you trying to do? Nate