ipfw address-listing woes
Nicolas Rachinsky
list at rachinsky.de
Fri Oct 22 09:01:04 PDT 2004
* Jon Simola <jon at abccom.bc.ca> [2004-10-22 08:50 -0700]:
> Well, I don't think you can list multiple interfaces unless you're
> matching "in recv xl0 out xmit fxp0" and via appears to just use a text
> string without comparing to interfaces actually existing or not.
${fwcmd_add} deny udp from 0.0.0.0 68 to 255.255.255.255 67 in \{ recv ${if_m} or recv ${if_g} \}
resulting in
deny udp from 0.0.0.0 68 to 255.255.255.255 dst-port 67 in { recv fxp0 or recv fxp1 }
works fine here.
Nicolas
More information about the freebsd-ipfw
mailing list