Date: Mon, 10 Jun 2002 16:06:53 -0400 (EDT) From: Trish Lynch <trish@bsdunix.net> To: Luigi Rizzo <rizzo@icir.org> Cc: "Vladimir B. Grebenschikov" <vova@sw.ru>, <ipfw@FreeBSD.ORG>, "current@freebsd.org" <current@FreeBSD.ORG> Subject: Re: New ipfw code available Message-ID: <20020610160123.B450-100000@femme.listmistress.org> In-Reply-To: <20020610024726.A54631@iguana.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 10 Jun 2002, Luigi Rizzo wrote:
> On Mon, Jun 10, 2002 at 12:47:40PM +0400, Vladimir B. Grebenschikov wrote:
> ...
> > And what about radix-tree-based ip-list matching ?
>
> yes, it is planned.
>
> cheers
> luigi
> >
> > ipfw add 1 allow ip from {1.2.3.0/24,1.3.5.0/24,17.2.3.4/45,11.2.3.4/30}
> > or
> > cat mylist | ipfw list add mylist -
> > ipfw add 1 allow ip from @mylist
> >
> > or something like
> >
> > If you deal with large access-lists ipfw becomes not best tool due to
> > linear comparison.
Luigi, gave this a try, and dummynet and my current rulesets except for
one worked fine...
I tried to add a divert rule, and it kept telling me it was an invalid
port for divert/tee.
I went back to the original code... just because I happen to be using natd
:)
After this is fixed, I'll install again and play with the new features :)
-Trish
--
Trish Lynch trish@bsdunix.net
FreeBSD The Power to Serve
Ecartis Core Team trish@listmistress.org
http://www.freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020610160123.B450-100000>