mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-02 08:42:48 +00:00
Code Issues Releases Activity
bb07ec8c84
freebsd/sbin/ipfw
History
Poul-Henning Kamp bb07ec8c84 Introduce a new feature in IPFW: Check of the source or destination 
address is configured on a interface.  This is useful for routers with
dynamic interfaces.  It is now possible to say:

        0100 allow       tcp from any to any established
        0200 skipto 1000 tcp from any to any
        0300 allow       ip from any to any
        1000 allow       tcp from 1.2.3.4 to me 22
        1010 deny        tcp from any to me 22
        1020 allow       tcp from any to any

and not have to worry about the behaviour if dynamic interfaces configure
new IP numbers later on.

The check is semi expensive (traverses the interface address list)
so it should be protected as in the above example if high performance
is a requirement.
2001-02-13 14:12:37 +00:00
..
ipfw.8 Introduce a new feature in IPFW: Check of the source or destination 2001-02-13 14:12:37 +00:00
ipfw.c Introduce a new feature in IPFW: Check of the source or destination 2001-02-13 14:12:37 +00:00
Makefile Convert this Makefile to the usual style. 2000-10-06 11:18:11 +00:00