From owner-freebsd-ipfw@FreeBSD.ORG  Wed Aug  3 09:30:36 2005
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
X-Original-To: freebsd-ipfw@FreeBSD.ORG
Delivered-To: freebsd-ipfw@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DEABF16A41F
	for <freebsd-ipfw@FreeBSD.ORG>; Wed,  3 Aug 2005 09:30:36 +0000 (GMT)
	(envelope-from olli@lurza.secnetix.de)
Received: from lurza.secnetix.de (lurza.secnetix.de [83.120.8.8])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4EA7443D48
	for <freebsd-ipfw@FreeBSD.ORG>; Wed,  3 Aug 2005 09:30:36 +0000 (GMT)
	(envelope-from olli@lurza.secnetix.de)
Received: from lurza.secnetix.de (kdapat@localhost [127.0.0.1])
	by lurza.secnetix.de (8.13.1/8.13.1) with ESMTP id j739UYdQ011089
	for <freebsd-ipfw@FreeBSD.ORG>; Wed, 3 Aug 2005 11:30:35 +0200 (CEST)
	(envelope-from oliver.fromme@secnetix.de)
Received: (from olli@localhost)
	by lurza.secnetix.de (8.13.1/8.13.1/Submit) id j739UYAU011088;
	Wed, 3 Aug 2005 11:30:34 +0200 (CEST) (envelope-from olli)
Date: Wed, 3 Aug 2005 11:30:34 +0200 (CEST)
Message-Id: <200508030930.j739UYAU011088@lurza.secnetix.de>
From: Oliver Fromme <olli@lurza.secnetix.de>
To: freebsd-ipfw@FreeBSD.ORG
In-Reply-To: <20050803083040.GB89059@pc5.i.0x5.de>
X-Newsgroups: list.freebsd-ipfw
User-Agent: tin/1.5.4-20000523 ("1959") (UNIX) (FreeBSD/4.11-RELEASE (i386))
Cc: 
Subject: Re: Another bug in IPFW@ ...?
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: freebsd-ipfw@FreeBSD.ORG
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2005 09:30:37 -0000

Nicolas Rachinsky <fbsd-div-0@ml.turing-complete.org> wrote:
 > ipfw add deny ip from me to any in 
 > ipfw add pass ip from me to $N out xmit xl0

Yes, I also have a work-around with two rules, but I would
prefer an independend check within the "out" rule.

 > But I would like the 'not recv any' feature, too. At the moment I use
 > a static list.

Best regards
   Oliver

-- 
Oliver Fromme,  secnetix GmbH & Co KG, Marktplatz 29, 85567 Grafing
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

Perl is worse than Python because people wanted it worse.
        -- Larry Wall