ipfw pravidlo count nepocita

Dan Lukes dan at obluda.cz
Mon Mar 19 01:47:46 CET 2007

Previous message: ipfw pravidlo count nepocita
Next message: Google Summer of Code 2007
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Milan Cizek wrote:
>>> 03050      48       1920 count ip from not 10.0.0.0/8 to 
>> 10.0.3.20 out
>>> 03050   12368    6158768 count ip from 10.0.3.20 to not 10.0.0.0/8
>>> 03050  479247  454506603 allow ip from not 10.0.0.0/8 to 
>> 10.0.3.20 in 
>>> via ste0 limit dst-addr 500

>> 3. direktiva 'limit' je z tridy "stavovych direktiv". 
>> Nepredchazi temto pravidlum nejaek jine, ktere by obsahovalo 
>> check-state, keep-state nebo limit
> 
> nic takoveho pred tim nemam.

	No, tak smula.

	Stale si myslim, ze klicovym problemem je bud' zmena nestavoveho 
firewallu na stavovy - mozna v kombinaci s tim, ze je tam prilis mnoho 
pravidel se stejnym cislem. Nakonec, z celeho firewallu vidim jen tri 
radky a na tom celkem neni prilis prostoru pro vytvareni jakychkoliv 
dalsich teorii.

	Zbyva ladit.
	

						Dan

Previous message: ipfw pravidlo count nepocita
Next message: Google Summer of Code 2007
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list