Re: ipwf firewall stock rule types ?

2019-06-10 Thread Ganbold Tsagaankhuu
st like to know what the differences are between "client" and > "simple". > > Can anyone explain that to me, briefly? > You can quickly look at /etc/rc.firewall script. Ganbold > > ___ > freebsd-ipfw@freebsd.org

layer2 ipfw fwd

2015-12-20 Thread Ganbold Tsagaankhuu
Hi, Does ipfw support layer2 fwd to support transparent proxying on bridge? Does similar change like https://lists.freebsd.org/pipermail/freebsd-ipfw/2003-September/000526.html ever get committed? thanks a lot, Ganbold ___ freebsd-ipfw@freebsd.org

Re: ipfw port lookup table patch for review

2008-10-07 Thread Ganbold
Hi, I have just made the patches that use arrays for port entries. It is under the same directory: http://people.freebsd.org/~ganbold/ipfw_port_table/ Array version (each array can have IPFW_TABLES_MAX entries): http://people.freebsd.org/~ganbold/ipfw_port_table/ipfw_port_table_array_unsorted

Re: kern/121807: Sugestion: TCP and UDP port_table in ipfw

2008-09-25 Thread Ganbold
The following reply was made to PR kern/121807; it has been noted by GNATS. From: Ganbold <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED], Vadim Goncharov <[EMAIL PROTECTED]> Subject: Re: kern/121807: Sugestion: TCP and UDP port_table in ipfw Date: Thu, 25 Sep 2008 19

ipfw port lookup table patch for review

2008-09-24 Thread Ganbold
no need to modify existing rule, adding/deleting port entries is easy. I did some small tests and it seems like working. Patches are at: http://people.freebsd.org/~ganbold/ipfw_port_table/ The output of some usage samples is at: http://people.freebsd.org/~ganbold/ipfw_port_table/ipfw_port_tab

Re: question related to /sbin/ipfw/ipfw2.c

2008-09-23 Thread Ganbold
Roman Kurakin wrote: Ganbold wrote: Hi, What does following part of src/sbin/ipfw/ipfw2.c code? ... static void fill_ip(ipfw_insn_ip *cmd, char *av) { int len = 0; uint32_t *d = ((ipfw_insn_u32 *)cmd)->d; cmd->o.len &= ~F_LEN_MASK;/

question related to /sbin/ipfw/ipfw2.c

2008-09-23 Thread Ganbold
f (p) { cmd->o.len |= F_INSN_SIZE(ipfw_insn_u32); d[0] = strtoul(p, NULL, 0); } else cmd->o.len |= F_INSN_SIZE(ipfw_insn); ... thanks, Ganbold -- This is clearly another case of too many mad scientists, and not enough hunchbacks. __

Re: bin/127058: add "all" command line option to ipfw table listing

2008-09-03 Thread Ganbold
The following reply was made to PR bin/127058; it has been noted by GNATS. From: Ganbold <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: Subject: Re: bin/127058: add "all" command line option to ipfw table listing Date: Wed, 03 Sep 2008 19:26:19 +0800 The patches are at: http

Re: bin/127058: add "all" command line option to ipfw table listing

2008-09-02 Thread ganbold
The following reply was made to PR bin/127058; it has been noted by GNATS. From: ganbold <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: Subject: Re: bin/127058: add "all" command line option to ipfw table listing Date: Wed, 03 Sep 2008 11:45:06 +0800 I guess more complete ipfw(

IPFW_TABLES_MAX in src/sbin/ipfw/ipfw2.c

2008-08-29 Thread Ganbold
to write small shell script to display all the tables and IPs. However I thought it might be useful to have such small feature in ipfw2 code. Correct me if I'm wrong here. thanks, Ganbold -- Say many of cameras focused t'us, Our middle-aged shots do us justice. No justice, please, curse

IPFW_TABLES_MAX in src/sbin/ipfw/ipfw2.c

2008-08-29 Thread Ganbold
possible to write small shell script to display all the tables and IPs. However I thought it might be useful to have such small feature in ipfw2 code. Correct me if I'm wrong here. thanks, Ganbold -- With listening comes wisdom, with speaking repentance. _

Re: IPFW+Dummynet Capability

2008-07-20 Thread Ganbold
Kazi A. Sharif wrote: Hello Thomas, Thanks for the reply. It seems I am not in the right track. I used Emerging Technologies commercial bandwidth manager. It was tested with 2000 rules and the total traffic was 25Mbps. It is build on UNIX OS. Emerging technologies use FreeBSD. See the FAQ: ht

Re: Enable ipfw without rebooting

2005-09-28 Thread Ganbold
Sorry for dup. Probably it is our mail server problem. Ganbold ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Enable ipfw without rebooting

2005-09-28 Thread Ganbold
If you want to restart ipfw you can try: /etc/rc.d/ipfw restart command if you are using FreeBSD 5.x or later. hth, Ganbold At 09:24 PM 9/28/2005, you wrote: Achim Patzner <[EMAIL PROTECTED]> wrote: > Oliver Fromme wrote: > > No. Performing a reboot is a rather bad idea.

Re: ng_netflow and bridging firewall

2005-08-31 Thread Ganbold
em? I don't know yet why ipfw started not to work. Is this bug of ipfw or something else? thanks, Ganbold At 06:28 PM 8/31/2005, you wrote: On Wed, Aug 31, 2005 at 05:50:21PM +0900, Ganbold wrote: G> At 08:10 PM 8/30/2005, you wrote: G> >On Tue, Aug 30, 2005 at 07:30:09PM +090

Re: ng_netflow and bridging firewall

2005-08-31 Thread Ganbold
s this due to ng_ether and bridge(4) bug you mentioned? Or it is something else? Where can I find the bug info? # uname -an FreeBSD machine.mng.net 5.4-STABLE FreeBSD 5.4-STABLE #4: Fri Aug 12 09:58:18 ULAST 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/PRXY i386 thanks, Ganbold At 06: