From owner-freebsd-hackers Thu Mar 2 04:44:29 1995 Return-Path: hackers-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id EAA15001 for hackers-outgoing; Thu, 2 Mar 1995 04:44:29 -0800 Received: from dns.netvision.net.il (root@dns.NetVision.net.il [194.90.1.5]) by freefall.cdrom.com (8.6.9/8.6.6) with ESMTP id EAA14995 for ; Thu, 2 Mar 1995 04:44:24 -0800 Received: from ugen.NetManage.co.il (ugen.netmanage.co.il [192.114.78.165]) by dns.netvision.net.il (8.6.9/8.6.9) with SMTP id OAA28276; Thu, 2 Mar 1995 14:43:39 +0200 Date: Thu, 2 Mar 95 14:24:48 IST From: "Ugen J.S.Antsilevich" Subject: RE: Playing with ipfw... To: hackers@FreeBSD.org, Luigi Rizzo X-Mailer: Chameleon 4.00-Arm-25, TCP/IP for Windows, NetManage Inc. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: hackers-owner@FreeBSD.org Precedence: bulk > >[BUG] ipfw in its current form does not accept setting the destination > port. Looking at the code, it actually accepts the port, but after > expects a 'via' or something similar field. > Fixed in -current... > >[BUG] the program does not look for full keywords [from,to] when > parsing the string. Thus, if I say This was nice feature(any keyword was specified as it's first 1 or 2 letters so you could not type too much) but already "fixed" in -current >[COMMENT] Quite often, allowing a service requires a two-line > specification. As an example, I am using > > ipfw addf accept udp from 0/0 520 to 0/0 > ipfw addf accept udp from 0/0 to 0/0 520 > > to let routing information pass to hosts in the subnet. > > It would be nice to have a way to specify "one of the port > numbers must be XXX". Is this supported by the system calls ? Ok..this is by my definition "bidirectional",now accounting has this but in firewall it is in TODO ... -- -=Ugen J.S.Antsilevich=- NetVision - Israeli Commercial Internet | Learning E-mail: ugen@NetVision.net.il | To Fly. [c] Phone : +972-4-550330 |