Date:      Fri, 14 Jun 2002 23:18:31 +0600 (YEKST)
From:      =?koi8-r?B?6czY0SD7ydDJw8nO?= <ilia@academy.urc.ac.ru>
To:        Joe & Fhe Barbish <barbish@a1poweruser.com>
Cc:        FBSDQ <questions@FreeBSD.ORG>
Subject:   RE: ipfw: outgoing connections only
Message-ID:  <20020614231408.D46238-100000@sol.chel.skbkontur.ru>
In-Reply-To: <MIEPLLIBMLEEABPDBIEGGELDCCAA.barbish@a1poweruser.com>

>
> # Allow the packet through if it has previously been added to the
> # "dynamic" rules table by an allow keep-state statement.
> $cmd 00400 check-state
>
> # Run all private LAN xl0 packet traffic through the dynamic rules
> # table so the IP addresses are in sync with Natd. You would have one
> # rule like this for each NIC card you have for private LANs.
> $cmd 00500 allow all from any to any via xl0 keep-state

for example, I "count" traffic by the following rule:

/sbin/ipfw add 12 count ip from any to me uid squid via tun1 in

upon which numbers should I "add" keep-state and check-state rules
in order to count bytes anyway?

upon which number are "dynamic" rules created?

Regards,
Ilia Chipitsine
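
As an added illustration (not part of the original message and not ipfw code), here is a simplified Python model of the rule walk discussed above: a count rule numbered below check-state sees every packet, while one placed between check-state and the keep-state rule sees only the packet that creates the dynamic rule. Rule 450, the addresses and the packet sizes are constructed for the example; the model assumes every packet matches each rule's other options and that the dynamic table is consulted at the first check-state or keep-state rule, as ipfw(8) describes.

```python
# Simplified model of ipfw's rule walk (added example; not ipfw source code).
# Assumption: every packet already matches each rule's from/to/via options.
from dataclasses import dataclass

@dataclass
class Rule:
    num: int
    action: str              # "count", "check-state" or "allow"
    keep_state: bool = False
    packets: int = 0
    nbytes: int = 0

def flow_key(pkt):
    # A dynamic rule matches both directions of a flow.
    return tuple(sorted((pkt["src"], pkt["dst"])))

def evaluate(rules, dynamic, pkt):
    """Return the number of the static rule that decided the packet."""
    state_checked = False
    for r in sorted(rules, key=lambda x: x.num):
        # The dynamic table is consulted at the first check-state or keep-state rule.
        if (r.action == "check-state" or r.keep_state) and not state_checked:
            state_checked = True
            if flow_key(pkt) in dynamic:
                return dynamic[flow_key(pkt)]    # parent rule's action; search ends
        if r.action == "count":
            r.packets += 1
            r.nbytes += pkt["len"]               # count never ends the search
        elif r.action == "allow":
            if r.keep_state:
                dynamic[flow_key(pkt)] = r.num   # install the dynamic rule
            return r.num
    return 65535                                 # default rule

def demo():
    rules = [Rule(12, "count"), Rule(400, "check-state"),
             Rule(450, "count"),                 # hypothetical, for comparison
             Rule(500, "allow", keep_state=True)]
    dynamic = {}
    # Constructed traffic: three packets of one flow, 100 bytes each.
    a, b = "192.0.2.10:3128", "198.51.100.7:40000"
    pkts = [{"src": b, "dst": a, "len": 100},
            {"src": a, "dst": b, "len": 100},
            {"src": b, "dst": a, "len": 100}]
    decided = [evaluate(rules, dynamic, p) for p in pkts]
    return decided, {r.num: (r.packets, r.nbytes) for r in rules}

if __name__ == "__main__":
    print(demo())
```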

