Date: Mon, 21 May 2012 10:51:18 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: Paul Macdonald <paul@ifdnrg.com> Cc: Ian Smith <smithi@nimnet.asn.au>, freebsd-questions@freebsd.org Subject: Re: ipfw subnetting Message-ID: <CAHu1Y70joT1mmmXFYJa7e8=4YbU=GPqjXLZiiWtzkvGsUD61iA@mail.gmail.com> In-Reply-To: <4FBA7935.7090000@ifdnrg.com> References: <20120521120027.716761065686@hub.freebsd.org> <20120521232412.B98171@sola.nimnet.asn.au> <4FBA5FB3.5010900@ifdnrg.com> <CAHu1Y719HRS2-tNKTZa5qaeyG78F6KXKrTEkphF9PYSGfPBGNw@mail.gmail.com> <4FBA66DA.7040902@ifdnrg.com> <4FBA7935.7090000@ifdnrg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 21, 2012 at 10:19 AM, Paul Macdonald <paul@ifdnrg.com> wrote: > this is now resolved, i hadn't realised (embarrassingly) that ipfw list will > show rules if if the fw is disabled. You should consider using tables, which allow you to add ad hoc nets, etc. and you can swap rulesets atomically so you can manipulate tables and then deploy them. ipfw add deny ip from table\(1\) to any etc.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y70joT1mmmXFYJa7e8=4YbU=GPqjXLZiiWtzkvGsUD61iA>