Date: Tue, 07 Sep 2010 16:42:29 +0300 From: Nikos Vassiliadis <nvass9573@gmx.com> To: Victor Sudakov <sudakov@sibptus.tomsk.ru>, freebsd-questions@freebsd.org Subject: Re: ipfw fwd and ipfw allow Message-ID: <4C864145.80805@gmx.com> In-Reply-To: <20100907110033.GA51618@admin.sibptus.tomsk.ru> References: <20100822052550.GA42346@admin.sibptus.tomsk.ru> <20100907090012.GA48608@admin.sibptus.tomsk.ru> <4C8616F0.5010401@gmx.com> <20100907110033.GA51618@admin.sibptus.tomsk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/7/2010 2:00 PM, Victor Sudakov wrote: > Nikos Vassiliadis wrote: >>> Am I asking something unreasonable? >> >> Not really, but if you ask, one could say that IPFW is a "first >> match wins" firewall, so a fwd or an allow action would be the >> terminal one. You must design your rules accordingly. >> >> There is also the skipto action which can alter the way packets >> flow through the rules. >> >> Could you describe in a conrete example what you're trying to >> achieve? > > I want forwarded packets to create a dynamic "allow" rule. > You can combine fwd and keep-state. Could you be more specific?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C864145.80805>