|
Lines 1212-1218
Link Here
|
| 1212 |
will be allowed through the firewall: |
1212 |
will be allowed through the firewall: |
| 1213 |
.Pp |
1213 |
.Pp |
| 1214 |
.Dl "ipfw add check-state" |
1214 |
.Dl "ipfw add check-state" |
| 1215 |
.Dl "ipfw add allow tcp from my-subnet to any setup" |
1215 |
.Dl "ipfw add allow tcp from my-subnet to any setup keep-state" |
| 1216 |
.Dl "ipfw add deny tcp from any to any" |
1216 |
.Dl "ipfw add deny tcp from any to any" |
| 1217 |
.Pp |
1217 |
.Pp |
| 1218 |
A similar approach can be used for UDP, where an UDP packet coming |
1218 |
A similar approach can be used for UDP, where an UDP packet coming |
|
Lines 1220-1226
Link Here
|
| 1220 |
the firewall: |
1220 |
the firewall: |
| 1221 |
.Pp |
1221 |
.Pp |
| 1222 |
.Dl "ipfw add check-state" |
1222 |
.Dl "ipfw add check-state" |
| 1223 |
.Dl "ipfw add allow udp from my-subnet to any" |
1223 |
.Dl "ipfw add allow udp from my-subnet to any keep-state" |
| 1224 |
.Dl "ipfw add deny udp from any to any" |
1224 |
.Dl "ipfw add deny udp from any to any" |
| 1225 |
.Pp |
1225 |
.Pp |
| 1226 |
Dynamic rules expire after some time, which depends on the status |
1226 |
Dynamic rules expire after some time, which depends on the status |