From owner-freebsd-ipfw@FreeBSD.ORG  Fri Feb 24 09:30:57 2006
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
X-Original-To: freebsd-ipfw@freebsd.org
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 13B2416A420;
	Fri, 24 Feb 2006 09:30:57 +0000 (GMT)
	(envelope-from joao@matik.com.br)
Received: from msrv.matik.com.br (msrv.matik.com.br [200.152.83.14])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 62C4843D46;
	Fri, 24 Feb 2006 09:30:56 +0000 (GMT)
	(envelope-from joao@matik.com.br)
Received: from anb (anb.matik.com.br [200.152.83.34])
	by msrv.matik.com.br (8.13.4/8.13.1) with ESMTP id k1O9UtQ0067303;
	Fri, 24 Feb 2006 06:30:55 -0300 (BRT)
	(envelope-from joao@matik.com.br)
From: JoaoBR <joao@matik.com.br>
To: Hajimu UMEMOTO <ume@freebsd.org>
Date: Fri, 24 Feb 2006 06:30:53 -0300
User-Agent: KMail/1.9.1
References: <200602200300.k1K30TZr050863@freefall.freebsd.org>
	<200602201721.50781.joao@matik.com.br>
	<ygelkw58dl9.wl%ume@mahoroba.org>
In-Reply-To: <ygelkw58dl9.wl%ume@mahoroba.org>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Message-Id: <200602240630.53797.joao@matik.com.br>
X-Filter-Version: 1.11a (msrv.matik.com.br)
X-Virus-Scanned: ClamAV version 0.88,
	clamav-milter version 0.87 on msrv.matik.com.br
X-Virus-Status: Clean
Cc: freebsd-ipfw@freebsd.org
Subject: Re: kern/93422: Re: ipfw divert rule
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Feb 2006 09:30:57 -0000

On Tuesday 21 February 2006 02:50, Hajimu UMEMOTO wrote:

> joao> same reason why "... pipe proto ip in|out" does not pipe any more,
> right?
>
> Yes.
>

in addition to our "proto" talk. omitting "proto" in the rule the rule as in

ipfw add deny dst-ip ${IP} recv ${NIC}

works, but this

ipfw add deny proto ip dst-ip ${IP} recv ${NIC}

does not

so would something as

ipfw add 1000 divert 8669 dst-ip 0.0.0.0 src-ip 0.0.0.0

work than?=20

How should I rewrite my rules or better regressing to the old "ip from any =
to=20
any" ?

thank's
Jo=E3o







A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura.
Service fornecido pelo Datacenter Matik  https://datacenter.matik.com.br