Date: Tue, 10 Sep 2002 15:54:22 -0300 From: "Daniel C. Sobral" <dcs@tcoip.com.br> To: Luigi Rizzo <rizzo@icir.org> Cc: ipfw@FreeBSD.ORG Subject: Re: ipfw2 vs. ipfw1 and 4.7 Message-ID: <3D7E3FDE.6070805@tcoip.com.br> References: <20020902082743.D87097@iguana.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Luigi Rizzo wrote:
> People,
> now that the release of 4.7 is approaching, i would really appreciate
> if you could give ipfw2 a try and see whether it breaks anything
> in your rulesets. Also have a look at the manpage highlighting the
> differences between ipfw1 and ipfw2 to see if your rulesets can be
> simplified/made more efficient.
I love ipfw2, even though the breakage of fwd caused me a huge headache.
Just the set feature would be enough to endear me to it. Now I have a
reasonably resilient system for firewall rule changes, at last. And just
being able to type sh /etc/rc.firewall... :-)
As a side note, the man page mentions that 32 sets are available, but
set 31 is illegal when I try to use it (and sometimes produce very weird
results indeed).
--
Daniel C. Sobral (8-DCS)
Gerencia de Operacoes
Divisao de Comunicacao de Dados
Coordenacao de Seguranca
TCO
Fones: 55-61-313-7654/Cel: 55-61-9618-0904
E-mail: Daniel.Capo@tco.net.br
Daniel.Sobral@tcoip.com.br
dcs@tcoip.com.br
Outros:
dcs@newsguy.com
dcs@freebsd.org
capo@notorious.bsdconspiracy.net
Never, ever lie to someone you love unless you're
absolutely sure they'll never find out the truth.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D7E3FDE.6070805>