On 17-Aug-99 Rodney W. Grimes wrote:
>  I kinda like the idea of this, but can't that really just
>  be done easily with a few ipfw rules, the last two being
>  the important ones:
>  
>  for port in "22 53" ; do
>       ipfw add allow udp from any to ${myip} ${port}
>       ipfw add allow udp from ${myip} ${port} to any
>       ipfw add allow tcp from any to ${myip} ${port}
>       ipfw add allow tcp from ${myip} ${port} to any
>  done
>  ipfw add deny udp from any to ${myip}
>  ipfw add deny tcp from any to ${myip}
>  
>  Why should we special case this?

Because this doesn't work for non-passive FTP for starters..

---
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
  -- Andrew Tanenbaum

PGP signature

Reply via email to