From owner-freebsd-questions Tue Sep 5 7:35:46 2000 Delivered-To: freebsd-questions@freebsd.org Received: from c014.sfo.cp.net (c014-h023.c014.sfo.cp.net [209.228.12.87]) by hub.freebsd.org (Postfix) with SMTP id 6E24237B422 for ; Tue, 5 Sep 2000 07:35:38 -0700 (PDT) Received: (cpmta 14866 invoked from network); 5 Sep 2000 07:25:08 -0700 Received: from m12hRs4n205.midsouth.rr.com (HELO mike) (24.95.125.205) by smtp.valuedata.net (209.228.12.87) with SMTP; 5 Sep 2000 07:25:08 -0700 X-Sent: 5 Sep 2000 14:25:08 GMT Message-ID: <001d01c01744$e38c1f80$0200000a@mike> From: "Daryl Chance" To: "FreeBSD Questions" Subject: IPFW: keep-state Date: Tue, 5 Sep 2000 09:23:40 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm looking to adding the keep-state options to my firewall rules. What are the recommended places to put the keep-state options at? I'm not quite sure what keep-state is, i've checked the man page and its not really helped much. Does it basically create, specific dynamic fw rules? like: add allow tcp from any to any 21 keep-state does this become something like: allow tcp from 1.2.3.4 to 3.2.4.1 21 ? Or am I totally off the mark. Thanks, -------------------------------------------------------- | Daryl Chance | I have made this letter longer then | | Valuedata, LLC | usual because I lacked the time to | | Memphis, TN | make it shorter. -- Blaise Pascal | -------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message