Re: simple macros?

Hi,

> On Sun, Dec 05, 2004 at 06:46:02PM +0100, uhel wrote:
>> Hi,
>>
>> i've read that IPF 4.1.x supports simple macros but i've found no
>> example. I updated my NetBSD box to 2.0 which has IPF 4.1.3 but it
>> has an old manpage without macros..
>> Can anyone give me one or two examples howto use the marco thing?
>>

> Here are a few examples:

> ext_if="ex0";
> lo_if="lo0";
> tcp_flags="S/SA";
> tcp_services="(22, 80, 443)";
> private_nets="(192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8)";

> pass in quick on $lo_if all
> pass out quick on $lo_if all

> block in on $ext_if all
> block out on $ext_if all

> block in quick on $ext_if from $private_nets to any

> pass in quick on $ext_if proto tcp from any to any port = $tcp_services \
> flags $tcp_flags keep state
> pass in quick on $ext_if proto udp from any to any port = 53 keep state

> pass out quick on $ext_if all keep state

thanks a lot!

--
_ mailto:uhel@gmx.net
( ) --
x ASCII RIBBON CAMPAIGN
/ \ AGAINST HTML MAIL