Date: Mon, 12 May 2003 09:41:07 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Darren Pilgrim <dmp@pantherdragon.org> Cc: questions@freebsd.org Subject: Re: ipfw's "or-blocks" feature isn't working? Message-ID: <20030512084107.GA31571@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <20030511230141.3b7720db.dmp@pantherdragon.org> References: <20030511230141.3b7720db.dmp@pantherdragon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--mYCpIKhGyMATD0i+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sun, May 11, 2003 at 11:01:41PM -0700, Darren Pilgrim wrote:
> In my ruleset I have a rule with an "or-block" in it:
>=20
> ipfw add pass tcp from \{ ${oip} or ${inet} \} to 192.168.100.1 80 keep-s=
tate
>=20
> But when ipfw loads the rules, it returns "ipfw: hostname ''{'' unknown".=
The
> man page says the syntax is fine, so I'm stumped. Can someone explain wh=
y this
> isn't working?
That's an IPFW2 feature. I guess you're using a fairly recent version
of FreeBSD 4.x, but you haven't recompiled your world with the IPFW2
support enabled?
See the sections "USING IPFW2 IN FreeBSD-STABLE" and "IPFW2
ENHANCEMENTS" in the ipfw(8) man page.
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
--mYCpIKhGyMATD0i+
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)
iD8DBQE+v14jdtESqEQa7a0RAgOyAJwOm3FA2V0lLpWz38REjM/jf3QAogCggXjg
rSccvurOYILhW15/M7C3xao=
=tGK6
-----END PGP SIGNATURE-----
--mYCpIKhGyMATD0i+--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030512084107.GA31571>