[ previous ] [ next ] [ threads ]
 
 From:  Bart Smit <bit at signature dot nl>
 To:  Jim McBeath <jimmc at macrovision dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] mods to firewall rule code
 Date:  Sat, 1 Nov 2003 21:31:38 +0100 (CET) 
Hi,

> I'm not following you here.  Previously, m0n0 did not support blocking
> rules, so any existing rule was a pass rule.  If you don't change the
> type to BLOCK, it will stay a pass rule.

Of course, but I meant that even if you have created "Block" rules, and
you come back later to edit them, the edit page will show "Pass" in the
rule type field. You always have to change it back.

> The sequence number is only used by m0n0 to sort the rules within the
> interface group; it is not passed to the backend.

Ok clear. I'm not at all familiar with ipf and I was assuming a similar
mechanism as in ipfw where 65535 is the highest possible number...

regards,

--Bart