From owner-cvs-all  Tue Feb 13  7:25:54 2001
Delivered-To: cvs-all@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
	by hub.freebsd.org (Postfix) with ESMTP
	id 1CEAC37B491; Tue, 13 Feb 2001 07:25:47 -0800 (PST)
Received: (from des@localhost)
	by flood.ping.uio.no (8.9.3/8.9.3) id QAA95735;
	Tue, 13 Feb 2001 16:23:15 +0100 (CET)
	(envelope-from des@ofug.org)
X-URL: http://www.ofug.org/~des/
X-Disclaimer: The views expressed in this message do not necessarily
  coincide with those of any organisation or company with
  which I am or have been affiliated.
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/netinet ip_fw.c ip_fw.h src/sbin/ipfw ipfw.8 ipfw.c
References: <51205.982073676@critter>
From: Dag-Erling Smorgrav <des@ofug.org>
Date: 13 Feb 2001 16:23:15 +0100
In-Reply-To: Poul-Henning Kamp's message of "Tue, 13 Feb 2001 15:14:36 +0100"
Message-ID: <xzplmrawqsc.fsf@flood.ping.uio.no>
Lines: 17
User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Poul-Henning Kamp <phk@critter.freebsd.dk> writes:
> It would be more elegant to have multiple lists of ipfw rules:
>         One input list per interface
>         One output list per interface
>         One list for packets being forwarded
>         One list for packets arriving locally
>         One list for packets originating locally

One list to rule them all
One list to find them
One list to bring them all
And in the firewall bind them
In the land of TCP/IP where the packets fly.

DES (sorry, couldn't resist)
-- 
Dag-Erling Smorgrav - des@ofug.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message