From owner-freebsd-ipfw@FreeBSD.ORG  Fri May 22 18:41:24 2009
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 471DF1065679
	for <freebsd-ipfw@freebsd.org>; Fri, 22 May 2009 18:41:24 +0000 (UTC)
	(envelope-from fjwcash@gmail.com)
Received: from yw-out-2324.google.com (yw-out-2324.google.com [74.125.46.29])
	by mx1.freebsd.org (Postfix) with ESMTP id EE4718FC20
	for <freebsd-ipfw@freebsd.org>; Fri, 22 May 2009 18:41:23 +0000 (UTC)
	(envelope-from fjwcash@gmail.com)
Received: by yw-out-2324.google.com with SMTP id 9so1151119ywe.13
	for <freebsd-ipfw@freebsd.org>; Fri, 22 May 2009 11:41:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:in-reply-to:references
	:date:message-id:subject:from:to:content-type
	:content-transfer-encoding;
	bh=pK3gg07okql65j3PGLRIpkWKvLI0jNO5Mrn9bsmrLTo=;
	b=I2iIs7BBaeRPGv69zOnw5+dhxHBs1uXclyjvlqfe/FAoyQXvoA+kn/EpOBtNBXXDoM
	j1NGBoOakz8TiWqSAvrkYg5t6FSCXPfw8hSlYd74F7B/RPeoRFJMyrwdNhoH4RB5nCpN
	v3F9HXrgy4BjFZlYJ2cY9gO13CAIYL9KxBnmk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:content-type:content-transfer-encoding;
	b=OLTyZf+mrEjwOgYiBBhV+d9+CHpuJi7slareYI1rZS/41NSDOh3wBOnvzKezYSajqY
	blueKIvQkHYPclNbFGmt7vRnb/z/6W8qTHTdpPVVLMnI3QIgdCna1TE7RTRzyNmL6ZaW
	h/9Hjj7xskNPpX9J1HQRoKFzqHhp6nfMLq7+M=
MIME-Version: 1.0
Received: by 10.151.130.8 with SMTP id h8mr8161226ybn.247.1243017683476; Fri, 
	22 May 2009 11:41:23 -0700 (PDT)
In-Reply-To: <20090521150113.GA47160@onelab2.iet.unipi.it>
References: <9a542da30905210720y50fafe59ld3459c9e76ef5824@mail.gmail.com>
	<20090521150113.GA47160@onelab2.iet.unipi.it>
Date: Fri, 22 May 2009 11:41:23 -0700
Message-ID: <b269bc570905221141j3b45f860t612ea1000ff5b5a4@mail.gmail.com>
From: Freddie Cash <fjwcash@gmail.com>
To: freebsd-ipfw@freebsd.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: Does ipfw support interface groups?
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 22 May 2009 18:41:24 -0000

On Thu, May 21, 2009 at 8:01 AM, Luigi Rizzo <rizzo@iet.unipi.it> wrote:
> On Thu, May 21, 2009 at 04:20:48PM +0200, Ermal Lu?i wrote:
>> can ipfw use somehow interface groups as pf(4) can?
>> >From a quick glance at documentation and not so through look at code
>> it does not but i am sending this just if i missed something during my
>> search!
>
> something like
>
> =C2=A0 =C2=A0 =C2=A0 =C2=A0... { recv ed0 or recv xl1 or recv ath4 or rec=
v vlan0 } ...
> is perhaps not so nice but does the job.

Just tested this on one off our firewalls, and can report that it
works wonderfully.

Now to compress the rules a bit using this.  :)

Thanks again, Luigi!!

--=20
Freddie Cash
fjwcash@gmail.com