On Thu, 13 Jul 2006, Dmitry Pryanishnikov wrote:
# ipfw add 00100 count ip from { not 10.20.0.0/16 and not 10.30.0.0/16 } to
any via fxp0 in
ipfw: missing ")"
Correct, there is no 'and' keyword in ipfw syntax, since it's redundant:
a simple ',' in address list means 'and'. So this can be written as:
Umm, sorry, of course ',' means 'or':
10.20.0.0/16,10.30.0.0/16 matches 10.20.0.0/16 OR 10.30.0.0/16
ipfw add 100 count ip from not 10.20.0.0/16,10.30.0.0/16 to any via fxp0 in
Yet this construction is correct and means exactly that: packets NOT
from ( 10.20.0.0/16 OR 10.30.0.0/16).
Sincerely, Dmitry
--
Atlantis ISP, System Administrator
e-mail: [EMAIL PROTECTED]
nic-hdl: LYNX-RIPE
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
