From owner-freebsd-questions Thu Feb 14 8:11:49 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mail.mango-bay.com (mail.mango-bay.com [208.206.15.12]) by hub.freebsd.org (Postfix) with ESMTP id 8AE1037B402; Thu, 14 Feb 2002 08:11:43 -0800 (PST) Received: from barbish ([63.70.155.114]) by mail.mango-bay.com (Post.Office MTA v3.5.3 release 223 ID# 0-52377U2500L250S0V35) with SMTP id com; Thu, 14 Feb 2002 11:15:48 -0500 From: "Joe & Fhe Barbish" To: "FBSD" Cc: "Fn" , "FI" Subject: IPFW statefull rules how-to Date: Thu, 14 Feb 2002 11:11:40 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG For the archives. For all of you who have questions about coding stateful rules in IPFW. I have read many posts asking questions about IPFW Stateful Filtering and never really saw any replies that were useful. While searching the net today I came across this and saw how good it was, I decided to post it for the archives. Do you want to know the difference between add 1000 allow tcp from any to any established add 2000 allow tcp from any to any 22 in setup and add 1000 check-state add 2000 allow tcp from any to any 22 in setup keep-state For a complete and detailed explanation read the Introduction to Stateless and Stateful Filtering section at this link. http://www.darthik.com/freebsd-docs/Ipfw-HOWTO.txt I To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message