ipfw3: match multiple ports in a rule

[Chuck Musser]

> On Nov 25, 2016, at 7:21 PM, Bill Yuan <bycn82 at gmail.com> wrote:
> 
> ​Hi Chuck,
> ​
> By default, the filters are joined with 'and'. and currently the 'or' can join the filter which is same as previous one.  
> 
Right, so you can have an "or" for alternatives for the same filter field, like:

dst-port 22 or 80

But maybe not something like:

dst-port 22 or src-port 22

I think I tried something like the above and it said "bad command". That's OK,
additional rules can be added for more complicated matching.

On the two alternative rulesets I posted earlier, any idea why they were not
equivalent? The first worked (allowed access to the HTTP and SSH servers)
and the second did not (neither service was accessible).