In message <[EMAIL PROTECTED]>, Luigi Rizzo writes:
>> I think the general syntax would be if you could say "for one of my
>> own IP#" that would be very powerful:
>>
>> add allow tcp from any to me 22
>> add deny tcp from any to not me 22
>
>the 'me' thing is relatively simple to implement, it suffices to scan
>the list of IP associated with all interfaces. Can be time-consuming.
But less so that having one ipfw rule for each interface :-)
--
Poul-Henning Kamp FreeBSD coreteam member
[EMAIL PROTECTED] "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
