check how the netatalk code expands a range in to teh minumm set of
netmasks needed to cover that range.
(somewhere in /sys/netatalk).
On Tue, 26 Oct 1999, Chuck Youse wrote:
>
>
> On Tue, 19 Oct 1999, Julian Elischer wrote:
>
> > > The real advantage is being able to do somethine like this:
> > >
> > > #!/bin/sh
> > > dnservers=10.0.0.1,10.0.0.2,10.0.0.3
> > > smtpservers=10.0.0.4,10.0.0.5,10.0.0.6
> > > ipfw add pass udp from any to $dnservers 53
> > > ipfw add pass tcp from any to $smtpservers 25
> > >
> > > ... and so on.
> > but you need to store this somewhere..
> > the present system of fixed structures doesn't support this without an
> > enormous waste of space...I'm not sure how useful it would be in
> > practice..
>
> Actually, for what he's describing, we could simply modify /sbin/ipfw to
> add multiple rules. For example, the first ipfw example above would be
> expanded to:
>
> ipfw add pass udp from any to 10.0.0.1 53
> ipfw add pass udp from any to 10.0.0.2 53
> ipfw add pass udp from any to 10.0.0.3 53
>
> I'm not quite sure of the value of this in practice either (as one could
> easily expand the rules by hand), but it's not too difficult to implement.
>
> Chuck Youse
>
>
>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
