On Fri, 19 Mar 2004, Tomi Kaistila wrote: > My question is, can I make a rule that allows such replies to pass the > packet filter, but to drop if it is not such a reply or similar signal? I > tried using the setup and established flags but either I did something wrong > or it just didn't work out that way. > > -- > Tomi
What you want is a stateful firewall, aka dynamic firewall rules. Just use ipfw add allow ip from yourip to any keep-state And ipfw will do what you want. This is described in the ipfw manpage, although it's perhaps not explained as well as it could be. Mike "Silby" Silbersack _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
