From owner-freebsd-questions@FreeBSD.ORG Fri Dec 28 00:22:31 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 51C9516A418 for ; Fri, 28 Dec 2007 00:22:31 +0000 (UTC) (envelope-from keramida@ceid.upatras.gr) Received: from igloo.linux.gr (igloo.linux.gr [62.1.205.36]) by mx1.freebsd.org (Postfix) with ESMTP id C0AB813C4F5 for ; Fri, 28 Dec 2007 00:22:30 +0000 (UTC) (envelope-from keramida@ceid.upatras.gr) Received: from kobe.laptop (ppp1-102.pat.forthnet.gr [213.16.208.102]) (authenticated bits=128) by igloo.linux.gr (8.14.1/8.14.1/Debian-9) with ESMTP id lBS0LwCm005631 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 28 Dec 2007 02:22:07 +0200 Received: from kobe.laptop (kobe.laptop [127.0.0.1]) by kobe.laptop (8.14.2/8.14.2) with ESMTP id lBS0LvK8047304; Fri, 28 Dec 2007 02:21:57 +0200 (EET) (envelope-from keramida@ceid.upatras.gr) Received: (from keramida@localhost) by kobe.laptop (8.14.2/8.14.2/Submit) id lBS0LswF047303; Fri, 28 Dec 2007 02:21:54 +0200 (EET) (envelope-from keramida@ceid.upatras.gr) Date: Fri, 28 Dec 2007 02:21:54 +0200 From: Giorgos Keramidas To: Noah Message-ID: <20071228002153.GC47064@kobe.laptop> References: <47743999.3010908@enabled.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47743999.3010908@enabled.com> X-Hellug-MailScanner: Found to be clean X-Hellug-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-4.044, required 5, autolearn=not spam, ALL_TRUSTED -1.80, AWL 0.35, BAYES_00 -2.60) X-Hellug-MailScanner-From: keramida@ceid.upatras.gr X-Spam-Status: No Cc: freebsd-questions@freebsd.org Subject: Re: removing ipfw rules X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Dec 2007 00:22:31 -0000 On 2007-12-27 15:47, Noah wrote: > Hi, > > I have two ipfw rules that I want to remove. They are viewable with the > "ipfw show" command > > > --- snip --- > > 06600 0 0 allow ip from any to any proto tcp src-ip > 66.66.66.66 dst-port 22 > 06700 0 0 allow ip from any to any proto tcp src-ip > 66.66.66.66 dst-port 22 > > --- snip ---- > > I am typing the command "/sbin/ipfw -q delete pass proto tcp src-ip > 66.66.66.66 dst-port 22" > > but both lines remain. What am I doing wrong? There are differences between the visible rule: allow ip from any to any proto tcp src-ip 66.66.66.66 dst-port 22 and the one you are trying to delete: pass proto tcp src-ip 66.66.66.66 dst-port 22 Having said that, can you try something simpler, i.e. ipfw -q delete 6600 ipfw -q delete 6700 This should work too, if I remember well enough the ipfw syntax.