From: "Mire, John"
To: 'Scott Ullrich', "Mire, John", 'John Angelmo', net@freebsd.org
Subject: RE: "dynamic" ipfw
Date: Tue, 21 May 2002 09:36:56 -0500
Sender: owner-freebsd-net@FreeBSD.ORG

A search on Google did not turn up anything for me, and the webpage is just a page with seiki on it and no other links:

<html>
<head>
<title>seiki</title>
</head>

<body bgcolor="#FFFFFF" text="#000000">

<p align="center"></p>
<div align="center">
  <center>
  <table border="0" cellpadding="20" cellspacing="0" width="100%" height="100%">
    <tr>
      <td width="100%" height="100%">
        <p align="center"><img border="0" src="seiki.gif" align="center" width="413" height="173"></td>
    </tr>
  </table>
  </center>
</div>

</body>

</html>

-----Original Message-----
From: Scott Ullrich [mailto:sullrich@CRE8.COM]
Sent: Tuesday, May 21, 2002 9:37 AM
To: 'Mire, John'; Scott Ullrich; 'John Angelmo'; net@freebsd.org
Subject: RE: "dynamic" ipfw

John,

What do you mean by does it do anything? Currently all three projects are working and we are in the process of finishing new versions. ;)

-Scott

-----Original Message-----
From: Mire, John [mailto:jmire@lsuhsc.edu]
Sent: Tuesday, May 21, 2002 10:19 AM
To: 'Scott Ullrich'; 'John Angelmo'; net@freebsd.org
Subject: RE: "dynamic" ipfw

nice project page, does it do anything?

-----Original Message-----
From: Scott Ullrich [mailto:sullrich@CRE8.COM]
Sent: Monday, May 20, 2002 5:23 PM
To: 'John Angelmo'; net@freebsd.org
Subject: RE: "dynamic" ipfw

Check out http://www.bsdshell.com 's EtherFirewall project. It will allow you to maintain MAC addresses with your IPFW rules.

Now regarding the hostname to IP address conversion for firewall rules. I have a feeling it is translating the IP address at the time of entry so this is not really going to work for your round-robin situation. EtherFirewall is the clear choice for this.

Good luck!

-Scott

> -----Original Message-----
> From: John Angelmo [mailto:john@veidit.net]
> Sent: Monday, May 20, 2002 1:40 PM
> To: net@freebsd.org
> Subject: "dynamic" ipfw
>
> Hello
>
> I have a small problem with IPFW
>
> How can I handle adding and removing rules based on IP/MAC per user?
> I can add a rule for a specific IP/MAC without the need to
> flush but can
> I remove it in the same way?
>
> Now let's say I have a user that only needs access to its mailserver
> mail.user.com with pop3 and smtp
> then the rule for pop3 would be something like
> add allow ip from mail.user.com 110 to IP/HOST (MAC doesn't
> work here right?)
>
> Now mail.user.com uses round robin so the IP changes from request to
> request but doesn't the IPFW resolve the IP when it's added to
> the rules,
> how can this be solved for the user?
>
> /John
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message

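The thread's point that ipfw resolves a hostname once, when the rule is added, can be handled by pointing the rule at a lookup table and refreshing that table as DNS answers change. The script below is an added example, not code from the thread or from EtherFirewall; it assumes an ipfw with named lookup tables, and the table name `mailhosts` and all addresses are constructed.

```shell
#!/bin/sh
# Added example: plan the ipfw table changes needed to follow a
# round-robin hostname. Assumes an ipfw with named lookup tables.
set -f                     # no pathname expansion on untrusted DNS output
TABLE=mailhosts            # hypothetical table name
# One-time rule that refers to the table instead of a hostname
# (10.0.0.5 is a constructed client address):
#   ipfw add allow tcp from 'table(mailhosts)' 110 to 10.0.0.5

# Succeed only for a dotted-quad IPv4 address, so nothing else from a
# DNS answer can end up on an ipfw command line.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# plan_table_sync "<addresses now in table>" "<addresses just resolved>"
# prints the ipfw commands that make the table equal to the resolved set.
plan_table_sync() {
    current=" $(echo $1) "; resolved=" $(echo $2) "
    valid=" "
    for addr in $resolved; do
        is_ipv4 "$addr" || continue          # drop malformed answers
        valid="$valid$addr "
        case $current in
            *" $addr "*) ;;
            *) echo "ipfw table $TABLE add $addr" ;;
        esac
    done
    # Never empty the table because a lookup failed or returned garbage.
    [ "$valid" != " " ] || return 0
    for addr in $current; do
        case $valid in
            *" $addr "*) ;;
            *) echo "ipfw table $TABLE delete $addr" ;;
        esac
    done
}

# Constructed sample: the table holds two addresses; DNS now returns a
# different pair plus one bogus value.
plan_table_sync "192.0.2.10 192.0.2.11" "192.0.2.11 192.0.2.12 999.1.1.1"
```

On a live system the two arguments would come from the table's current contents and a fresh resolver query for mail.user.com, each reduced to bare addresses, and the printed commands would be reviewed or run from a periodic job.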