From owner-freebsd-ipfw Sat Mar 10 9:31:38 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4]) by hub.freebsd.org (Postfix) with ESMTP id 0A06737B718 for ; Sat, 10 Mar 2001 09:31:36 -0800 (PST) (envelope-from freebsd@gndrsh.dnsmgr.net) Received: (from freebsd@localhost) by gndrsh.dnsmgr.net (8.9.3/8.9.3) id JAA33577; Sat, 10 Mar 2001 09:31:25 -0800 (PST) (envelope-from freebsd) From: "Rodney W. Grimes" Message-Id: <200103101731.JAA33577@gndrsh.dnsmgr.net> Subject: Re: interface specification extension for ipfw In-Reply-To: from Patrick Bihan-Faou at "Mar 10, 2001 10:19:57 am" To: patrick@netzuno.com (Patrick Bihan-Faou) Date: Sat, 10 Mar 2001 09:31:25 -0800 (PST) Cc: billf@mu.org (Bill Fumerola), freebsd-ipfw@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > > > > > As my needs are fairly urgent, I'll just hack a "local" > > interface name that > > > will match packets originating from/destined to the local host > > (basically > > > the !any case). > > > > you mean like the 'me' keyword that phk committed recently? > > > > Humm I saw these commits and I am using the "me" keyword. My understanding > was that it matches IP addresses not interfaces. Did I miss something ? Can > I write: > > ipfw count ip from any to any in recv me No, but it should be trivial to patch the code to allow your !any, if you consider that !any is the same as =null: ipfw count ip from any to any in recv null Ie, the recv keyword looks at the ifp in the mbuff, the ifp will be null for packets originated on the local machine. IIRC similiar logic can be applied to xmit. -- Rod Grimes - KD7CAX @ CN85sl - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message