Date: Sun, 7 Nov 2004 21:00:18 +0100 From: Pawel Malachowski <pawmal-posting@freebsd.lublin.pl> To: freebsd-ipfw@freebsd.org Subject: Re: Listing multiple subnets w/ specific host addresses.. Message-ID: <20041107200018.GD88583@shellma.zin.lublin.pl> In-Reply-To: <1099856264.652.276.camel@Mobile1.276NET> References: <1099856264.652.276.camel@Mobile1.276NET>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Nov 07, 2004 at 10:37:44PM +0300, Martes Wigglesworth wrote:
> Does anyone know how to list the following rule? I am unable to find a
> working example of such a declaration.
>
> add log ip from any to \{ 192.168.1.0/24{a,b,c} or
> 192.168.2.0/24{d,e,f,g} \}
>
> The backslash works while listing more than one interface at the end of
> rules, however, whenever I use it as above, I get parenthesis errors.
> This current format give the following error on the console:
>
> > sudo ipfw add pass log ip from any to \{ 192.168.1.0/24 { 23,24,35,60
> } or 192.168.2.0/24 { 24,25,26,50 }\}
> ipfw: missing ")"
This is a matter of shell. On tcsh:
% ipfw add 31337 count ip from any to \{ 192.168.1.0/24\{7,5,2\} or 192.168.2.0/24\{1,6,8,11\} \}
31337 count ip from any to { 192.168.1.0/24{2,5,7} or dst-ip 192.168.2.0/24{1,6,8,11} }
% ipfw show 31337
31337 0 0 count ip from any to { 192.168.1.0/24{2,5,7} or dst-ip 192.168.2.0/24{1,6,8,11} }
Still, this `IP or dst-ip IP' on output looks weird...
--
Paweł Małachowski
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041107200018.GD88583>