Date: Wed, 21 Jan 2015 12:29:20 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Shane Ambler <FreeBSD@shaneware.biz> Cc: User Questions <freebsd-questions@freebsd.org> Subject: Re: IPFilter & FreeBSD-10.1 Message-ID: <CAAdA2WPr4jjdS3MiuNkuG2JQCA_LAaSndhe=cRxiSHVf9o_yRw@mail.gmail.com> In-Reply-To: <54BF7050.90605@ShaneWare.Biz> References: <CAAdA2WMudfd0J9RP_3UL%2BEMC8Vh3Crks8c-6U5f7AQMBSR0XJQ@mail.gmail.com> <CAOc73CCsrnqskLJKFbQH2W-EYH7yi=AXiSKw8jLYz0O35spJ5g@mail.gmail.com> <CAAdA2WOeiEv2opf4ZMDAf=LvC5TUCbC8%2BAeE0ecf7Ac%2B=jQ1-w@mail.gmail.com> <54BF7050.90605@ShaneWare.Biz>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Shane, Where is the new syntax documented? Or I just have to 'man ipf'? I'd love to see a web discussion about it, which I obviously missed. Is there a sort of rule converter? :-) Thank you for mentioning this syntax thing. Must be the one that was biting me on 10.1 On 21 January 2015 at 12:24, Shane Ambler <FreeBSD@shaneware.biz> wrote: > On 21/01/2015 16:15, Odhiambo Washington wrote: > >> Hi Ben, >> >> Thanks for this. I actually read this bit of it having been updated to >> version 5.1.2 in FreeBSD 10.0. >> >> However, my problem emanated from the fact that rules that I use on >> FreeBSD-8.4/9.3 simply could not work on 10.1 >> >> I simply carried the rules over, and did not compile a custom kernel on >> 10.1. I was believing that the module will be automatically loaded and >> rules would work. They didn't! Only 'ipf -D' would let connections to be >> made from LAN PCs to my gateway PC.. >> > > I read a post in which someone had to copy the sources from 9.x to 10.x >> and >> recompile in order to get it to work with the rules from 9.x >> > > The update from 4.1.28->5.1.2 may include changes that requires > adjusting old rules to the new syntax. > > While going back to an older version can get your old settings to work > again it also removes any security fixes from the update. Updating your > ruleset would be a better solution. > > > -- > FreeBSD - the place to B...Software Developing > > Shane Ambler > > -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAdA2WPr4jjdS3MiuNkuG2JQCA_LAaSndhe=cRxiSHVf9o_yRw>