[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[[email protected]: Re: cvs commit: src/sys/netinet ip_fw.c ip_fw.h src/sbin/ipfw ipfw.8 ipfw.c]
----- Forwarded message from Dag-Erling Smorgrav <[email protected]> -----
To: Poul-Henning Kamp <[email protected]>
Cc: [email protected], [email protected]
Subject: Re: cvs commit: src/sys/netinet ip_fw.c ip_fw.h src/sbin/ipfw ipfw.8 ipfw.c
From: Dag-Erling Smorgrav <[email protected]>
Date: 13 Feb 2001 16:23:15 +0100
Poul-Henning Kamp <[email protected]> writes:
> It would be more elegant to have multiple lists of ipfw rules:
> One input list per interface
> One output list per interface
> One list for packets being forwarded
> One list for packets arriving locally
> One list for packets originating locally
One list to rule them all
One list to find them
One list to bring them all
And in the firewall bind them
In the land of TCP/IP where the packets fly.
DES (sorry, couldn't resist)
--
Dag-Erling Smorgrav - [email protected]
----- End forwarded message -----
--
Matthew Hunt <[email protected]> * I have to count the meat.
http://www.pobox.com/~mph/ *
===
This message was sent to mph-humor. No guarantees of actual humor are
provided. Archives and instructions are available from
<http://www.pobox.com/~mph/humor/>.