Date: Sat, 31 Aug 2002 18:49:48 -0500 From: "Jeffrey J. Mountin" <jeff-ml@mountin.net> To: Luigi Rizzo <luigi@FreeBSD.ORG> Cc: Kenneth W Cochran <kwc@TheWorld.com>, freebsd-stable@FreeBSD.ORG Subject: Re: IPFW2 option in -stable kernel config Message-ID: <4.3.2.20020831183206.00dd5580@207.227.119.2> In-Reply-To: <20020831150538.A69952@iguana.icir.org> References: <4.3.2.20020831112817.00e57e30@207.227.119.2> <200208311312.JAA118809063@shell.TheWorld.com> <4.3.2.20020831112817.00e57e30@207.227.119.2>
next in thread | previous in thread | raw e-mail | index | archive | help
At 03:05 PM 8/31/02 -0700, Luigi Rizzo wrote:
>ranges are limited to /24 or larger masks (partly to simplify parsing,
>partly because the bitmap grows exponentially with smaller masks).
>In fact, the subnet part is totally redundant (it suffices to lookup
>the list of numbers between brackets), but again its presence gives you
>a bit more error checking and eases parsing.
So how does it work with something larger than a /24? In my last message I
used:
... ip from 1.2.36.0/22{36.1,37.2,38.3,39.4} to ...
Is this correct?
And if what I gather from your reply then one could do:
... ip from 0.0.0.0/0{1.2.3.4,2.3.4.5,3.4.5.6} to ...
Or is that asking too much? 8-)
>I have been thinking about the use of ranges within the bitmap,
>e.g. 1.2.36.0/24{10-19,55,60-89,30}, this will be probably be
>added in a future release.
So for now it can only be a comma separated list and only port values can
use ranges. Right?
Forgot to mention before IPFW2 will show up in the dmesg.
cheers!
Jeff Mountin - jeff@mountin.net
Systems/Network Administrator
FreeBSD - the power to serve
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.20020831183206.00dd5580>