Date: Mon, 14 Jul 2003 19:17:37 -0300 From: Patrick Tracanelli <eksffa@freebsdbrasil.com.br> To: freebsd-ipfw@freebsd.org Subject: Re: [luigi@FreeBSD.org: cvs commit: src/sbin/ipfw ipfw2.c] Message-ID: <3F132C01.4010306@freebsdbrasil.com.br> In-Reply-To: <20030712002222.A78447@xorpc.icir.org> References: <20030712002222.A78447@xorpc.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > * implement comments in ipfw commands. These are implemented in the > kernel as O_NOP commands (which always match) whose body contains > the comment string. In userland, a comment is a C++-style comment > appended to the rule: > > ipfw add allow ip from me to any // i can talk to everybody > > cheers > luigi Got a funny behaviour here; keep-state option is displayed after comment, see: ipfw 200 add count tcp from any to any out xmit ath0 setup keep-state // comment 00200 count tcp from any to any out xmit ath0 setup // comment keep-state ipfw sh 200 00200 47 5537 count tcp from any to any out xmit ath0 setup // comment keep-state But still works: ## Dynamic rules (1): 00200 10 472 (0s) STATE tcp 200.210.42.5 49653 <-> 200.210.70.4 25 Just a display misbehaviour; -- Atenciosamente, Patrick Tracanelli patrick @ freebsdbrasil.com.br "Long live Hanin Elias, Kim Deal!"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F132C01.4010306>