One OR MORE of source and destination addresses?
- Subject: One OR MORE of source and destination addresses?
- From: admin at asarian-host.net (Mark)
- Date: Tue Aug 3 09:01:03 2004
Bill Moran wrote:
> How about using skipto instead of allow? Thus, if it passes the
> first one, it can just skipto the next rule to be checked. i.e.:
> ipfw add 11 skipto 12 tcp from any to me 25 setup limit dst-addr 32
> ipfw add 12 allow tcp from any to me 25 setup limit src-addr 4
> Thus, if rule 11 passes, it skips to rule 12. If it fails, it should
> reject as always. The end result is that a packet _must_ pass both
> rules to be allowed.
I spoke too soon. :( It seems this sort of rule evokes a bug:
My whole console is flooded with messages like these:
"ipfw: install_state: entry already present, done"
Is there a known patch?