osdir.com
mailing list archive

Subject: Feature request for PF - msg#00006

List: os.freebsd.devel.ipfw

Date: Prev Next Index Thread: Prev Next Index
Hi, all!
PF doesn't have ability to match on packet size and tcp/udp payload size. Is
it possible to add this features to PF, may be only in FreeBSD's PF?
Sometimes it is very usefull.
_______________________________________________
freebsd-ipfw@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@xxxxxxxxxxx"



Was this page helpful?
Yes No
Thread at a glance:

Previous Message by Date: click to view message preview

ipnat tcp

Hi all! My ipnat.rules: map xl1 192.168.0.0/24 -> 0/32 portmap tcp/udp auto map xl1 192.168.0.0/24 -> 0/32 map xl1 192.168.0.0/24 -> 0.0.0.0/32 proxy port 500 ipsec/udp rdr xl1 0/32 port 2222 -> 192.168.0.52 port 2222 My: # ipnat -l map xl1 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp auto map xl1 192.168.0.0/24 -> 0.0.0.0/32 map xl1 192.168.0.0/24 -> 0.0.0.0/32 proxy port isakmp ipsec/udp rdr xl1 0.0.0.0/32 port 2222 -> 192.168.0.52 port 2222 tcp Why is last raw on ipnat -l showning TCP on port 2222? I have not used tcp in my ipnat.rules on the port 2222 //Jan _______________________________________________ freebsd-ipfw@xxxxxxxxxxx mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@xxxxxxxxxxx"

Next Message by Date: click to view message preview

Current problem reports assigned to you

Current FreeBSD problem reports Critical problems Serious problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [2003/04/22] kern/51274 ipfw [ipfw] [patch] ipfw2 create dynamic rules f [2003/04/24] kern/51341 ipfw [ipfw] [patch] ipfw rule 'deny icmp from o [2004/03/03] kern/63724 ipfw [ipfw] IPFW2 Queues dont t work o [2004/11/13] kern/73910 ipfw [ipfw] serious bug on forwarding of packe o [2004/11/19] kern/74104 ipfw [ipfw] ipfw2/1 conflict not detected or r o [2005/03/13] conf/78762 ipfw [ipfw] [patch] /etc/rc.d/ipfw should exce o [2005/05/11] bin/80913 ipfw [patch] /sbin/ipfw2 silently discards MAC o [2005/11/08] kern/88659 ipfw [modules] ipfw and ip6fw do not work prop o [2005/11/08] kern/88664 ipfw [ipfw] ipfw stateful firewalling broken w 9 problems total. Non-critical problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- a [2001/04/13] kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/u o [2002/12/10] kern/46159 ipfw [ipfw] [patch] ipfw dynamic rules lifetim o [2003/02/11] kern/48172 ipfw [ipfw] [patch] ipfw does not log size and o [2003/03/10] kern/49086 ipfw [ipfw] [patch] Make ipfw2 log to differen o [2003/04/09] bin/50749 ipfw [ipfw] [patch] ipfw2 incorrectly parses p o [2003/08/26] kern/55984 ipfw [ipfw] [patch] time based firewalling sup o [2003/12/30] kern/60719 ipfw [ipfw] Headerless fragments generate cryp o [2004/08/03] kern/69963 ipfw [ipfw] install_state warning about alread o [2004/09/04] kern/71366 ipfw [ipfw] "ipfw fwd" sometimes rewrites dest o [2004/10/22] kern/72987 ipfw [ipfw] ipfw/dummynet pipe/queue 'queue [B o [2004/10/29] kern/73276 ipfw [ipfw] [patch] ipfw2 vulnerability (parse o [2005/03/13] bin/78785 ipfw [ipfw] [patch] ipfw verbosity locks machi o [2005/05/05] kern/80642 ipfw [ipfw] [patch] ipfw small patch - new RUL o [2005/06/28] kern/82724 ipfw [ipfw] [patch] Add setnexthop and default o [2005/10/05] kern/86957 ipfw [ipfw] [patch] ipfw mac logging o [2005/10/07] kern/87032 ipfw [ipfw] [patch] ipfw ioctl interface imple o [2006/01/03] bin/91245 ipfw [patch] ipfw(8) sometimes treat ipv6 inpu o [2006/01/16] kern/91847 ipfw [ipfw] ipfw with vlanX as the device 18 problems total. _______________________________________________ freebsd-ipfw@xxxxxxxxxxx mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@xxxxxxxxxxx"

Previous Message by Thread: click to view message preview

ipnat tcp

Hi all! My ipnat.rules: map xl1 192.168.0.0/24 -> 0/32 portmap tcp/udp auto map xl1 192.168.0.0/24 -> 0/32 map xl1 192.168.0.0/24 -> 0.0.0.0/32 proxy port 500 ipsec/udp rdr xl1 0/32 port 2222 -> 192.168.0.52 port 2222 My: # ipnat -l map xl1 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp auto map xl1 192.168.0.0/24 -> 0.0.0.0/32 map xl1 192.168.0.0/24 -> 0.0.0.0/32 proxy port isakmp ipsec/udp rdr xl1 0.0.0.0/32 port 2222 -> 192.168.0.52 port 2222 tcp Why is last raw on ipnat -l showning TCP on port 2222? I have not used tcp in my ipnat.rules on the port 2222 //Jan _______________________________________________ freebsd-ipfw@xxxxxxxxxxx mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@xxxxxxxxxxx"

Next Message by Thread: click to view message preview

Re: kern/93300: ipfw pipe lost packets

Synopsis: ipfw pipe lost packets Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw Responsible-Changed-By: linimon Responsible-Changed-When: Tue Feb 14 07:04:13 UTC 2006 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=93300 _______________________________________________ freebsd-bugs@xxxxxxxxxxx mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@xxxxxxxxxxx"
Sign up for updates to this mailing list. email:
Loading Comments...
Home | News | Patents | Sitemap | FAQ | advertise

Advertising by