From owner-freebsd-questions@FreeBSD.ORG Sun Feb 29 15:10:19 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9B07716A4CE for ; Sun, 29 Feb 2004 15:10:19 -0800 (PST) Received: from spock.ste-land.com (spock.ste-land.com [64.32.179.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id 68A4943D39 for ; Sun, 29 Feb 2004 15:10:19 -0800 (PST) (envelope-from ste@ste-land.com) Received: from ste-land.com (bgp377940bgs.plnfld01.nj.comcast.net [68.36.5.198]) by spock.ste-land.com (Postfix) with ESMTP id 8915A2D24C for ; Sun, 29 Feb 2004 18:10:18 -0500 (EST) Message-ID: <40427159.5030600@ste-land.com> Date: Sun, 29 Feb 2004 18:10:17 -0500 From: "Shaun T. Erickson" User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4b) Gecko/20030507 X-Accept-Language: en-us, en MIME-Version: 1.0 To: questions@freebsd.org References: <40426EAD.50004@ste-land.com> In-Reply-To: <40426EAD.50004@ste-land.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: ipfw ruleset traversal question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Feb 2004 23:10:19 -0000 Shaun T. Erickson wrote: > Iptables has the concept of "chains". Please forgive me for following up my own post. I know it's bad form ... In addition to the system defined chains, iptables lets me create user defined chains, that I can jump to based on criteria I set, so as to further refine my rules such that packets only traverse the rules they must. So, I'm trying to figure out how to simulate everything I've said about chains, in ipfw ... -ste