Date: Sat, 10 Mar 2001 09:31:25 -0800 (PST) From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> To: patrick@netzuno.com (Patrick Bihan-Faou) Cc: billf@mu.org (Bill Fumerola), freebsd-ipfw@FreeBSD.ORG Subject: Re: interface specification extension for ipfw Message-ID: <200103101731.JAA33577@gndrsh.dnsmgr.net> In-Reply-To: <HJEEKLMFLKEOKHOKNPBMAENCCLAA.patrick@netzuno.com> from Patrick Bihan-Faou at "Mar 10, 2001 10:19:57 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> > > > > > As my needs are fairly urgent, I'll just hack a "local" > > interface name that > > > will match packets originating from/destined to the local host > > (basically > > > the !any case). > > > > you mean like the 'me' keyword that phk committed recently? > > > > Humm I saw these commits and I am using the "me" keyword. My understanding > was that it matches IP addresses not interfaces. Did I miss something ? Can > I write: > > ipfw count ip from any to any in recv me No, but it should be trivial to patch the code to allow your !any, if you consider that !any is the same as =null: ipfw count ip from any to any in recv null Ie, the recv keyword looks at the ifp in the mbuff, the ifp will be null for packets originated on the local machine. IIRC similiar logic can be applied to xmit. -- Rod Grimes - KD7CAX @ CN85sl - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103101731.JAA33577>