is a pain in ...wel.. trying to fix this
* from/to/via position indepenndant syntax
* "any" for 0/0 host address
* addf/addb default keyword in case you skip it..
* pass = accept new action, seems to be somewhat better
in particular cases
* on = via (as on ed0 instead of via ed0,loook at
reject tcp on ed0 from hacker )
ports for the destination IP addr/port.
Nobody reported this btw , while a lot of other things reported-
probably ppl does not use destination ports at all????
We have only one firewall chain and one accounting chain now.
No blocking/forwarding so commands changed.
Man pages are somewhat out of date and will be updated ASAP.