Date:      Mon, 02 Aug 2004 18:15:49 GMT
From:      Mark <admin@asarian-host.net>
To:        <freebsd-questions@freebsd.org>
Subject:   Re: One OR MORE of source and destination addresses?
Message-ID:  <200408021815.I72IFNIC020343@asarian-host.net>
References:  <MIEPLLIBMLEEABPDBIEGEEFFGIAA.Barbish3@adelphia.net>

JJB wrote:

> Your rules are all wrong. You really need to reread the ipfw manual
> page info. Only one check-state rule is used. Your other check-state
> rule is never matched.

Ok, I got a check-state too many.

> To get meaningful replies you have to post complete information
> about your system configuration with description of your overall
> firewall goals.

The goal is simple: I want to limit connections to port 25 to 32 in total,
targeted at "me". And of those 32, only 4 per source. Like so:

ipfw add 1 check-state
...
ipfw add 11 allow tcp from any to me 25 setup limit dst-addr 32
ipfw add 12 allow tcp from any to me 25 setup limit src-addr 4

Please, tell me then how "all wrong" this is. Because I *still* get the
impression that rule 12 is never reached. And, so far, "ipfw show" does,
indeed, only show activity on rule 11.

Thanks,

- Mark


