From owner-freebsd-ipfw Tue Sep 10 22:30:34 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1558C37B400 for ; Tue, 10 Sep 2002 22:30:32 -0700 (PDT) Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id BC9B043E4A for ; Tue, 10 Sep 2002 22:30:31 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: from iguana.icir.org (localhost [127.0.0.1]) by iguana.icir.org (8.12.3/8.11.3) with ESMTP id g8B5UUIb084801; Tue, 10 Sep 2002 22:30:30 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: (from rizzo@localhost) by iguana.icir.org (8.12.3/8.12.3/Submit) id g8B5UT1f084800; Tue, 10 Sep 2002 22:30:29 -0700 (PDT) (envelope-from rizzo) Date: Tue, 10 Sep 2002 22:30:29 -0700 From: Luigi Rizzo To: "Daniel C. Sobral" Cc: ipfw@FreeBSD.ORG Subject: Re: ipfw2 vs. ipfw1 and 4.7 Message-ID: <20020910223029.D84624@iguana.icir.org> References: <20020902082743.D87097@iguana.icir.org> <3D7E3FDE.6070805@tcoip.com.br> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3D7E3FDE.6070805@tcoip.com.br>; from dcs@tcoip.com.br on Tue, Sep 10, 2002 at 03:54:22PM -0300 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Sep 10, 2002 at 03:54:22PM -0300, Daniel C. Sobral wrote: > Luigi Rizzo wrote: > > People, > > now that the release of 4.7 is approaching, i would really appreciate > > if you could give ipfw2 a try and see whether it breaks anything > > in your rulesets. Also have a look at the manpage highlighting the > > differences between ipfw1 and ipfw2 to see if your rulesets can be > > simplified/made more efficient. > > I love ipfw2, even though the breakage of fwd caused me a huge headache. which reminds me, i have to fix the byte order in port numbers in fwd actions... > As a side note, the man page mentions that 32 sets are available, but > set 31 is illegal when I try to use it (and sometimes produce very weird > results indeed). i guess i have to clarify the wording -- the manpage says Each rule is associated to a set_number in the range 0..31, with the latter reserved for the default rule. Sets can be individu- with wich i meant to say that you cannot use set 31 for anything else, nor disable it. What "weird results" were you seeing ? cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message