[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-hackers
Subject:    Re: ipfw add allow ip from @access_list1  to any in
From:       Max Laier <max () love2party ! net>
Date:       2004-06-29 21:24:05
Message-ID: 200406292324.12678.max () love2party ! net
[Download RAW message or body]


On Wednesday 30 June 2004 03:48, sid@merlin.com.ua wrote:
> Hello freebsd-hackers,
>
>
>   Hi,
>   for my own purposes I add some new features to ipfw2.
>   now hereis patches for 5.1
>   Luigi some time ago have a look at ones, but now..
>   if it is looks like interesting, get and enjoy it free
>   this is not a release, I stil work about it.
>   and I wait for 5.3 to make complete patches for 5.3.
>   will be pleasure for me if this will include to release...
>
>   read first:
>   ftp://merlin.com.ua/pub/FreeBSD/5.1/ipfw_sid/readme
>
>   ftp://merlin.com.ua/pub/FreeBSD/5.1/ipfw_sid/*.tgz
>
>   disclaimer:
>   who downloaded it, please make backups your original files,
>   extract patches in new directory and look at ones first.
>   if you not sure that you doing, do not do anything, please.
>   support of that features only if ones will include in FreeBSD
>   and only via freebsd-hackers@freebsd.org
>
>   its do like this:
>
> ipnt add @MY_NET 192.168.0.0/16
> ipnt add @MY_NET 195.66.199.0/24
> ipnt add @MY_NET 62.16.9.0/24
>
> ipfw add 350 pipe 350 ip from any to @MY_NET out
>
> you can manipulate that lists without changing firewall
>
> ipnt del @MY_NET 0/0
> ipnt add @MY_NET 1.1.1.1

I think something like this is implemented in -current for quite some time 
already. Check the "LOOKUP TABLES" section of ipfw(8) and ask ru@ about his 
plans to transform them from numbered to named entities (as that is what your 
are suggesting).

-- 
Best regards,				| mlaier@freebsd.org
Max Laier				| ICQ #67774661
http://pf4freebsd.love2party.net/	| mlaier@EFnet

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]