[ previous ] [ next ] [ threads ]
 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] When will grouping of hosts/networks for aliases be implemented into m0n0wall?
 Date:  Tue, 9 May 2006 20:43:59 -0400
On 5/9/06, boink <lordboink at gmail dot com> wrote:
> Does anyone have any comments on this approach?

Manuel has stated in the past that this isn't in m0n0wall because
ipfilter 3.x does not support host and service groupings.  It could be
abstracted by the back end, but you could unknowingly end up with some
very long rulesets (a single rule in the GUI with 10 hosts with 10
ports would be 100 rules in ipf).  Personally, that's still better
than manually entering 100 rules, if that's really what you need, but
that's Manuel's stance on it.

It's something we'll almost certainly see in 1.3 though, as whatever
packet filter ends up being chosen, it will support host and port