Patches for IPFW
by Alter (alterX@alter.org.ua (remove X))
- adds commands zshow, replace
- option for ignoring ALL errors
- skipto tablearg
- indexing of rules in kernel (index table) for fast handling of skipto tablearg,
and effective add/remove of large amount of rules.
Patchs for IPFW, FreeBSD 7.1-RELEASE and 7.2-RELEASE.
ipfw.71.patch.gz
ipfw.72.patch.gz
Adds commands zshow, replace. -i option (ignore all errors) is united with -q.
If 7.2 man clarisies meaning of error ignoring when -q is used. So, separate option -Q
for ignoring all errors is revoked.
ipfw_idx.70.patch.gz
ipfw_idx.71.patch.gz
ipfw_idx.72.patch.gz
skipto tablearg
indexing of rules in kernel (index table) for fast handling of skipto tablearg,
and effective add/remove of large amount of rules
2010.01.01
Patch for IPFW, FreeBSD 7.0-STABLE.
ipfw.70.patch.gz
Still adds commands zshow, replace. -i option is united with -q,
2008.06.30
Patch for IPFW from FreeBSD 6.3.
ipfw.63.patch.gz
All listed below patches
2008.06.30
Patches for IPFW from FreeBSD 6.2-RELEASE-p5.
all updates
ipfw.62.patch.gz
All listed below patches
2007.09.03
zshow
ipfw-zshow.patch.gz
Adds 'zshow' command, which shows rule counters and immediately resets them to zero. Is useful for traffic counters.
ipfw zshow 1000
2007.09.03
ignore errors + replace
ipfw-ignore_err_opt.patch.gz
Adds 'replace' command, which adds rule if it doesn't exist yet or replaces existing.
ipfw replace 200 count ip from any to any via fxp0
Also adds '-i' switch to command line and ruleset file format. When '-i' is used, all rules containing errors will be
rejected, but correct rules will be applied. IPFW shall not stop on the 1st invalid rule. It is useful when loading ruleset from file.
ipfw -i /etc/firewall.conf
2007.09.03
alterX@alter.org.ua (remove X)
|
