IPFW rule sets and automatic rule numbering
bycn82
bycn82 at gmail.com
Thu Sep 18 00:34:47 UTC 2014
On 9/17/14 22:58, Freddie Cash wrote:
> Just to summarise everything:
>
> 1. Automatic rule numbering works beautifully if you only ever use
> the default rule set (set 0). Meaning, if you don't use any set
> commands at all.
>
> 2. If you manually number every rule, then using rule sets works
> beautifully.
>
> 3. Doing a little set manipulation allows you to load updated rules
> without disconnecting anyone or dropping any packets:
> disable set 1
> load rules into set 1
> enable set 1
you dont need below steps.
> swap set 1 0
> disable set 1
>
> I understand how everything works a little bit better now. Thanks for
> all the help and pointers and discussion.
>
> --
> Freddie Cash
> fjwcash at gmail.com <mailto:fjwcash at gmail.com>
More information about the freebsd-ipfw
mailing list