IPFW3 problems with network lists
bycn82
bycn82 at gmail.com
Sun Jan 17 07:33:14 PST 2016
Hi Matthias,
There are 2 places that differ compared to IPFW from FreeBSD:
1. You don't need "{" and "}", you can use the below:
ipfw3 add allow log 1 all from 192.168.1.1 or 192.168.1.2 to 192.168.0.1
2. log 1 means it will duplicate the traffic to the ipfw0 interface. Currently
it supports ipfw0 ~ ipfw9 only. I just don't want to waste too much memory, and
most of the time 10 logging destinations are enough to use, I think.
Regards,
Bill Yuan
On 17 January 2016 at 23:09, Matthias Play <matthias_play at gmx.net> wrote:
> Hi,
>
> I use a shell script to setup my ipfw3 firewall and want to define network
> lists to shorten my rule set. For that I used the approach described inside
> the example section on ipfw3 in 'man ipfw3' like the following:
>
> #!/bin/sh
> nets_allowed="{ 192.168.1.1 or 192.168.1.2 }"
> ipfw3 add allow log 1 ip in from ${nets_allowed} to 192.168.0.1
>
> When I run this script I get the following error:
>
> ipfw3: hostname ``{'' unknown
>
> Can you also reproduce this error?
>
> Regards
> Matthias
>
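The setup script from the question, reworked to build the brace-free "or" list described in point 1 of the reply. This is an added example, not part of the original thread; the helper names is_ipv4, or_list and allow_rule are hypothetical, and the script only prints the ipfw3 command so it can be checked before it is applied.

```sh
#!/bin/sh
# Added example: build an ipfw3 source list as "a or b" (no braces).
# Every entry is checked to be a literal IPv4 address, so a stray token
# such as "{" is rejected here instead of being handed to ipfw3 as a hostname.

# is_ipv4 ADDR: succeeds if ADDR is a dotted quad with octets 0-255
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# or_list ADDR...: prints "a or b or c"; fails on an empty or invalid list
or_list() {
    list=
    for addr in "$@"; do
        is_ipv4 "$addr" || { echo "or_list: bad address: $addr" >&2; return 1; }
        list="${list:+$list or }$addr"
    done
    [ -n "$list" ] && printf '%s\n' "$list"
}

# allow_rule DEST SRC...: prints the rule in the form given in the reply
allow_rule() {
    dest=$1; shift
    is_ipv4 "$dest" || { echo "allow_rule: bad destination: $dest" >&2; return 1; }
    srcs=$(or_list "$@") || return 1
    printf 'ipfw3 add allow log 1 all from %s to %s\n' "$srcs" "$dest"
}

# Dry run with the addresses from the thread: print the rule for review.
# On the firewall host, run the printed line to install it.
allow_rule 192.168.0.1 192.168.1.1 192.168.1.2
```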