Date: Sat, 29 Dec 2007 01:18:20 +1100 (EST)
From: Ian Smith <smithi@nimnet.asn.au>
To: Giorgos Keramidas <keramida@ceid.upatras.gr>
Cc: freebsd-questions@freebsd.org, Noah <admin2@enabled.com>
Subject: Re: removing ipfw rules
Message-ID: <Pine.BSF.3.96.1071229004129.11357B-100000@gaia.nimnet.asn.au>
In-Reply-To: <20071228091722.720C016A480@hub.freebsd.org>
On Fri, 28 Dec 2007 02:21:54 +0200 Giorgos Keramidas <keramida@ceid.upatras.gr> wrote:
> On 2007-12-27 15:47, Noah <admin2@enabled.com> wrote:
> > Hi,
> >
> > I have two ipfw rules that I want to remove. They are viewable with the
> > "ipfw show" command
> >
> >
> > --- snip ---
> >
> > 06600 0 0 allow ip from any to any proto tcp src-ip
> > 66.66.66.66 dst-port 22
> > 06700 0 0 allow ip from any to any proto tcp src-ip
> > 66.66.66.66 dst-port 22
> >
> > --- snip ----
> >
> > I am typing the command "/sbin/ipfw -q delete pass proto tcp src-ip
> > 66.66.66.66 dst-port 22"
> >
> > but both lines remain. What am I doing wrong?
>
> There are differences between the visible rule:
>
>     allow ip from any to any proto tcp src-ip 66.66.66.66 dst-port 22
>
> and the one you are trying to delete:
>
>     pass proto tcp src-ip 66.66.66.66 dst-port 22
>
> Having said that, can you try something simpler, i.e.
>
>     ipfw -q delete 6600
>     ipfw -q delete 6700
>
> This should work too, if I remember well enough the ipfw syntax.

You do, but deleting by rule number/s is the only way. ipfw(8):

    ipfw [-q] {delete | zero | resetlog} [set] [number ...]

Of course Noah could find rule number/s to delete with something like

    # ipfw delete `ipfw list | grep $somestring | awk '{print $1}'`

if he was, um, courageous :) Safer tested first with ipfw show ..

cheers, Ian
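A more cautious take on the backtick one-liner above, as an added example that is not part of the original message: it selects rule numbers by exact field match (so 166.66.66.66 does not match 66.66.66.66, which a plain grep would), skips the undeletable default rule 65535, and only prints the delete command for review. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: choose ipfw rule numbers by exact token match and print
# the delete command instead of running it.

# Constructed sample of `ipfw list` output (not taken from a real host).
sample_rules() {
cat <<'EOF'
00100 allow ip from any to any via lo0
06600 allow ip from any to any proto tcp src-ip 66.66.66.66 dst-port 22
06700 allow ip from any to any proto tcp src-ip 66.66.66.66 dst-port 22
06800 allow ip from any to any proto tcp src-ip 166.66.66.66 dst-port 22
65535 deny ip from any to any
EOF
}

# rule_numbers TOKEN (hypothetical helper): read `ipfw list` output on stdin
# and print the numbers of rules with a field exactly equal to TOKEN.
rule_numbers() {
    awk -v tok="$1" '
        $1 !~ /^[0-9]+$/ { next }      # skip anything that is not a rule line
        $1 + 0 == 65535  { next }      # the default rule cannot be deleted
        {
            n = $1 + 0                 # strip leading zeros: 06600 -> 6600
            for (i = 2; i <= NF; i++) {
                # force string comparison so "22" never equals "022"
                if (($i "") == (tok "")) {
                    if (!(n in seen)) { seen[n] = 1; print n }
                    break
                }
            }
        }'
}

# delete_command TOKEN (hypothetical helper): build the command for review.
delete_command() {
    nums=$(rule_numbers "$1" | tr '\n' ' ')
    nums=${nums% }
    [ -n "$nums" ] || { echo "no rules match '$1'" >&2; return 1; }
    echo "ipfw -q delete $nums"
}

# Review the output, then run it by hand if it is what you expect.
sample_rules | delete_command 66.66.66.66
```

On a live system, replace `sample_rules` with `ipfw list` and compare the printed numbers against `ipfw show` before deleting anything.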