Hi

I've been able to configure IPF for my own firewall.  Seems to be 
working.  'ipf -E' tells me that all the rule are loaded.  The output 
of various ipfstat commands tells me all is well.

Where it's gone wrong is when I have tried to tell IPF to block on a 
range of ports.  Done a search on the NetBSD mailing list archive and 
can't find anything that helps.

When I've put the following into /etc/ipf.conf I get an error 
message..

block in log quick on ippp0 proto tcp from any to any port = 6000:6003

when I do 'ipf -Fa -f /etc/ipf.conf' I get an error message which 
says... "unknown port "6000:6003"  "

Also tried 6000 <> 6003 and 6000 >< 6003.  Still get the same error 
message.  Also tried to remove the space between 6000 and >< and 
6003.  Still doesn't work. Can anyone give me the correct syntax for 
this ?  Read all the docs.  None of these give the correct syntax that 
will work.  Man ipf.conf came close with 6000 <> 6003 but that 
produces an error message which is "unknown words at end: [<>6003] ".  
IPF version 3.4.29

Thanks
 



Richard