On Fri, 4 Apr 2003, Alan Barrett wrote:

> > To start with I could ask if there is any good iplogin solution availab=
le
> > for netbsd.
>
> What do you mean when you say "good iplogin solution"?

A solution that works?


> > If not, is there any possibility to run ipfw on netbsd?
>
> ipfw is not part of NetBSD, but you might be able to port it.

I know it isn't part of netbsd, that's why I'm writing, hoping that
someone already had done this.


> > If not, is there any possibility to dynamically add and remove ipf rule=
s
> > in the middle of a ruleset?
>
> Yes.  See the ipfw.conf(5) man page, and search for the word 'insert'.

ipfw is not ipf.


> Alternatively, you could dynamically build an entire replacement ruleset
> (say using a script that rewrites /etc/ipf.conf), and atomically switch
> to the new ruleset (say using "/etc/rc.d/ipfilter reload", or using "ipf
> -s").

I was thinking about this one too... but that's not a nice solution. :(

perhaps I'll go for freebsd or nomad.

--=20
/P=E5llen - http://www.astrakan.hig.se/~pollen