Matching all protocols in /etc/protocols (1 rule)

by Miroslav Chlastak-3

Hi all,

Is it possible to create one rule to pass (or disable) all traffic (all
protocols from /etc/protocols)?
I know that I can use the "all" keyword. But this keyword "all" means only
the "tcp, udp, icmp" protocols.
But there are more protocols than tcp, udp and icmp (gre, esp, ospf, ...). If
I want to allow all of these protocols, at the moment I have to create 134
rules (1 rule for 1 protocol from /etc/protocols).


Thanks for any idea.

--
Mira
_______________________________________________
freebsd-ipfw@... mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@..."

Re: Matching all protocols in /etc/protocols (1 rule)

by Freddie Cash-8

2009/8/4 Miroslav Chlastak <mira@...>

> Hi all,
>
> Is it possible to create one rule to pass (or disable) all traffic (all
> protocols from /etc/protocols)?
> I know that I can use the "all" keyword. But this keyword "all" means only
> the "tcp, udp, icmp" protocols.
> But there are more protocols than tcp, udp and icmp (gre, esp, ospf, ...). If I
> want to allow all of these protocols, at the moment I have to create 134 rules
> (1 rule for 1 protocol from /etc/protocols).
>

If this is for IPFW, just use "ip" or "any".  That will match any IP
packets, regardless of what protocol data is inside the packet.


--
Freddie Cash
fjwcash@...

Re: Matching all protocols in /etc/protocols (1 rule)

by Ian Smith-12

On Tue, 4 Aug 2009, Freddie Cash wrote:
 > 2009/8/4 Miroslav Chlastak <mira@...>
 >
 > > Hi all,
 > >
 > > Is it possible to create one rule to pass (or disable) all traffic (all
 > > protocols from /etc/protocols)?
 > > I know that I can use the "all" keyword. But this keyword "all" means only
 > > the "tcp, udp, icmp" protocols.
 > > But there are more protocols than tcp, udp and icmp (gre, esp, ospf, ...). If I
 > > want to allow all of these protocols, at the moment I have to create 134 rules
 > > (1 rule for 1 protocol from /etc/protocols).
 > >
 >
 > If this is for IPFW, just use "ip" or "any".  That will match any IP
 > packets, regardless of what protocol data is inside the packet.

To be fussy, 'any' applies to addresses; 'ip' or 'all' is what's needed here:

     protocol: [not] protocol-name | protocol-number
             An IPv4 protocol specified by number or name (for a complete list
             see /etc/protocols).  The ip or all keywords mean any protocol
             will match.

cheers, Ian
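
As an added example (not part of the thread and not ipfw's own code): a small Python check of which protocols a rule's protocol field matches, following the `[not] protocol-name | protocol-number` grammar quoted above, where `ip` and `all` match any protocol. The protocol table and the rule lines are constructed samples, and only the protocol field is evaluated, not addresses or options.

```python
# Added example: which protocols does an ipfw rule's protocol field match?
# Constructed excerpt in /etc/protocols format (name, number, aliases).
PROTOCOLS = """\
ip      0   IP      # pseudo protocol number
icmp    1   ICMP
tcp     6   TCP
udp     17  UDP
gre     47  GRE
esp     50  ESP
ospf    89  OSPFIGP
"""
# Constructed rule lines in the style of `ipfw list` output.
RULES = """\
00100 allow ip from any to any via lo0
00200 allow tcp from any to me dst-port 22
00300 allow not tcp from 10.0.0.0/8 to any
00400 deny log all from any to any
"""
ANY_PROTOCOL = {"ip", "all"}  # ipfw(8): these keywords mean any protocol will match

def load_protocols(text):
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            table[fields[0]] = int(fields[1])
    return table

def protocol_field(rule):
    # The protocol is the token before "from"; an optional "not" precedes it.
    tokens = rule.split()
    idx = tokens.index("from")
    negated = idx >= 2 and tokens[idx - 2] == "not"
    return tokens[0], tokens[1], negated, tokens[idx - 1].lower()

def matches(negated, spec, number, table):
    # True if a packet with IP protocol `number` matches "[not] name|number".
    hit = spec in ANY_PROTOCOL or number == (int(spec) if spec.isdigit() else table[spec])
    return hit != negated

def coverage(rules_text, protocols_text):
    # Per rule number: (action, protocol names the protocol field matches).
    table = load_protocols(protocols_text)
    names = [n for n in table if n not in ANY_PROTOCOL]
    result = {}
    for line in rules_text.splitlines():
        num, action, negated, spec = protocol_field(line)
        result[num] = (action, [n for n in names if matches(negated, spec, table[n], table)])
    return result
```

Calling `coverage(RULES, PROTOCOLS)` reports rule 00100 as matching gre, esp and ospf as well as icmp, tcp and udp, which makes broad `allow ip` or `allow all` rules easy to spot when reviewing a ruleset.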