tag/untag
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 08 Nov 2023 07:26:18 UTC
Hello List, On a recent Stable 13 test host I, by accident, found that: /sbin/ipfw -q add 0031 allow tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state WORKS /sbin/ipfw -q add 0031 allow log tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state WORKS /sbin/ipfw -q add 0031 allow log tag 10 tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state WORKS /sbin/ipfw -q add 0031 allow log untag 10 tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state WORKS /sbin/ipfw -q add 0031 allow untag 10 tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state DOES NOT WORK? - A dynamic rule is created as per the rules that work. - Packets are logged by a deny all rule which of course is never reached by the rules that work. Not a real issue for me but thought it worth noting. Mik.