On 2019-07-08 17:59:21, Andrey V. Elsukov wrote:
> On 08.07.2019 17:03, Claudio Eichenberger wrote:
> > Hello,
> >
> > In FreeBSD 11.2'ipfw -N show' wrote the protocol names numerically:
> >
> > 00600 712189 84865042 allow tcp from any
On 08.07.2019 17:03, Claudio Eichenberger wrote:
> Hello,
>
> In FreeBSD 11.2 'ipfw -N show' wrote the protocol names numerically:
>
> 00600 712189 84865042 allow tcp from any to x.x.x.x 443 in recv bce0
>
> Andrey fixed it in December last year
Hello,
In FreeBSD 11.2'ipfw -N show' wrote the protocol names numerically:
00600 712189 84865042 allow tcp from any to x.x.x.x 443 in recv bce0
Andrey fixed it in December last year and the reporting was then like this:
00600 712189 84865042 allow tcp f
Hello Andrey,
Many many thanks. This solved the problem.
Your fix does more than did the -N flag in the past. Even the IP Address gets
transformed to domain name!
00600 58 2404 allow tcp from any to yourshop.com http in
recv bce0
00700 48 15788 allow tcp f
On 11.12.2018 19:55, Claudio Eichenberger wrote:
> I didn't install anything. I applied the patches to this file
> /usr/src/sbin/ipfw/ipfw2.c compiled the kernel & booted
These patches are not for kernel, you need to rebuild only sbin/ipfw
utility.
You can do this:
# make -C /usr/src/sbin/ipfw al
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Am Tue, 11 Dec 2018 17:55:34 +0100
Claudio Eichenberger schrieb:
> /usr/src/sbin/ipfw/ipfw2.c
Isn't /usr/src/sbin/ and fellows supposed to install only via "make
installworld"?
- --
O. Hartmann
Ich widerspreche der Nutzung oder Übermittlung m
|| (cmd->len & F_OR) == 0)
> > break;
> > - tmp = cmd->arg1;
> > }
> > /* Initialize proto, it is used by print_newports() */
> > - if (tmp != 0)
> > -
if (ip6 != 0)
> - state->proto = IPPROTO_IPV6;
> - else
> - state->proto = IPPROTO_IP;
> state->flags |= HAVE_PROTO;
> + if (state->proto == 0 && ip6 != 0)
> + st
e->proto == 0 && ip6 != 0)
+ state->proto = IPPROTO_IPV6;
}
static int
unfortunately,ipfw -N show still doesn't print the protocols:
00800 0 0 allow tcp from any to x.x.x.x 443 in recv bce0
Claudio
On 2
Hello Andrey,
Many thanks!
I'll try to test it.
Claudio
On 2018-12-10 19:25:11, Andrey V. Elsukov wrote:
> On 10.12.2018 17:27, Claudio Eichenberger wrote:
> > Hello,
> >
> > ipfw -N show
> > FreeBSD 11.1 was like this:
> > 00600 712189 84865042
On 10.12.2018 17:27, Claudio Eichenberger wrote:
> Hello,
>
> ipfw -N show
> FreeBSD 11.1 was like this:
> 00600 712189 84865042 allow tcp from any to x.x.x.x dst-port https
> in recv bce0
> FreeBSD 11.2 is like this:
> 00600 712189 84865042 allow tcp
Hello,
ipfw -N show
FreeBSD 11.1 was like this:
00600 712189 84865042 allow tcp from any to x.x.x.x dst-port https
in recv bce0
FreeBSD 11.2 is like this:
00600 712189 84865042 allow tcp from any to x.x.x.x 443 in recv bce0
Does a flag exist to make it report the
12 matches
Mail list logo
