From owner-freebsd-stable  Mon Jan 27 22:30:24 2003
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2F77037B401
	for <stable@freebsd.org>; Mon, 27 Jan 2003 22:30:23 -0800 (PST)
Received: from sccrmhc03.attbi.com (sccrmhc03.attbi.com [204.127.202.63])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7093943FA3
	for <stable@freebsd.org>; Mon, 27 Jan 2003 22:30:22 -0800 (PST)
	(envelope-from crist.clark@attbi.com)
Received: from blossom.cjclark.org (12-234-89-252.client.attbi.com[12.234.89.252])
          by sccrmhc03.attbi.com (sccrmhc03) with ESMTP
          id <2003012806302100300jj0oue>; Tue, 28 Jan 2003 06:30:21 +0000
Received: from blossom.cjclark.org (localhost. [127.0.0.1])
	by blossom.cjclark.org (8.12.6/8.12.3) with ESMTP id h0S6UKeq043368;
	Mon, 27 Jan 2003 22:30:20 -0800 (PST)
	(envelope-from crist.clark@attbi.com)
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.12.6/8.12.6/Submit) id h0S6UKJV043367;
	Mon, 27 Jan 2003 22:30:20 -0800 (PST)
X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f
Date: Mon, 27 Jan 2003 22:30:20 -0800
From: "Crist J. Clark" <crist.clark@attbi.com>
To: Gerhard Sittig <Gerhard.Sittig@gmx.net>
Cc: stable@freebsd.org
Subject: Re: ipfw2 vs ipfilter
Message-ID: <20030128063020.GD42960@blossom.cjclark.org>
Reply-To: "Crist J. Clark" <cjc@freebsd.org>
References: <5.2.0.9.0.20030127143019.069e3380@marble.sentex.ca> <20030128005759.A4807@shell.gsinet.sittig.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20030128005759.A4807@shell.gsinet.sittig.org>
User-Agent: Mutt/1.4i
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

On Tue, Jan 28, 2003 at 12:57:59AM +0100, Gerhard Sittig wrote:
> On Mon, Jan 27, 2003 at 15:56 -0500, Mike Tancsa wrote:
> > 
> > Rule wise, I am happy with either, except I would really miss ipfw's 
> > concept of 'me'.  e.g. ipfw add 5000 deny log tcp from any to me 2604.
> 
> You don't have to, in ipf speak the address "0.0.0.0/32" _is_ "me".

No, it is not. 0.0.0.0/32 has meaning in ipnat(8) rules, not ipf(8)
rules. And while we're at it the if0/32 syntax, where if0 is an
interface name, was a local OpenBSD hack until they ripped out
IPFilter.
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message