[nycbug-talk] ipfw, ipf, pf comparison matrix
Trish Lynch
trish at bsdunix.net
Mon Sep 11 10:30:03 EDT 2006
Yes, as far as I know, there is no way to remove a connection from the state table 'in place' like that, though I could be wrong.
You might be able to reset the rule keeping track of that connection, but it's not granular enough.
I'll look into it more later if I have time.
-Trish
--
Trish Lynch
M: 646-401-1405
H: 201-378-0434
-----Original Message-----
From: Dru <dlavigne6 at sympatico.ca>
Date: Mon, 11 Sep 2006 09:19:40
To: Trish Lynch <trish at bsdunix.net>
Cc: Isaac Levy <ike at lesmuug.org>, NYC Bug List <talk at lists.nycbug.org>
Subject: Re: [nycbug-talk] ipfw, ipf, pf comparison matrix
On Sun, 10 Sep 2006, Trish Lynch wrote:
> What do you mean by "Flush", as ipfw has 'ipfw flush', if it means to flush
> rulesets 'in place'.
Sounds like time for a footnote as "flush" means something different to
each firewall. In ipfw it is used to flush rules, in pf it is used to
flush a connection out of the state table.
Dru