[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-ipfw
Subject:    Re: Syntax base IP
From:       AT Matik <asstec () matik ! com ! br>
Date:       2008-05-06 10:48:18
Message-ID: 200805060748.18487.asstec () matik ! com ! br
[Download RAW message or body]

On Sunday 04 May 2008 12:40:24 budsz wrote:
> Hallo,
>
> I've rule in /etc/rc.firewall like this:
>
> ifint0="rl0"
> ippriviix="192.168.0.0/24"
> ipunlimit="192.168.0.100/32,10.35.4.1/32,202.129.189.42/32,\
>            202.129.189.45/32,125.163.77.180/32,202.43.167.70/32,\
>           
> 202.43.167.72/32,202.43.161.119/32,202.10.32.10/32,202.93.20.22/32,\
> 202.93.20.23/32,202.93.20.24/32,122.102.49.132/32,\
>            202.43.161.124/32,202.93.247.26/32,202.93.247.28/32"

if you can not use tables you can write a for loop with skipto pefore the pipe

for items in $ipunlimit; do
ipfw add 100 skipto $rulenumber_after_pipe ip from $items to any
done

pipe rules (where you like to add in or out to via)



> portlim="20-21,80,88,443,2009,8080,8088,10007,18755"
> bwunlimit="197Kbit/s"
>
> ${fwcmd} add 100 pipe 1 ip from ${ippriviix} to { not ${ipunlimit} }
> ${portlim} via ${ifint0}
> ${fwcmd} add 101 pipe 1 ip from { not ${ipunlimit} } ${portlim} to
> ${ippriviix} via ${ifint0}
> ${fwcmd} pipe 1 config bw ${bwunlimit}
>
> Executing firewall I got error message like this:
> #sh /etc/rc.firewall
> ipfw: opcode 6 size 33 wrong
> ipfw: getsockopt(IP_FW_ADD): Invalid argument
> ipfw: opcode 2 size 33 wrong
> ipfw: getsockopt(IP_FW_ADD): Invalid argument
>
> This error happened after I adding new IP Address 202.93.247.28/32 on
> $ipunlimit variable.
> It that correct to add 202.93.247.26/32 and 202.93.247.28/32 together?
> or I should rewrite like
> 202.93.247.26/29?. But already same on $ipunlimit variable like
> 202.93.20.22/32 and 202.93.20.23/32 this is no problem.
>
> Any clue or suggestion about this syntax?
>
> Thanks You

-- 
Participe no BAIXO ASSINADO SCM:
http://info.matik.com.br
--
Atenciosamente, J.M.
Responsável Plantão Site Support Matik
Infomatik Internet Technology
(18)3551.8155  (18)8112.7007







A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura.
Service fornecido pelo Datacenter Matik  https://datacenter.matik.com.br
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic