ipfw='/sbin/ipfw -q'
${ipfw} table 22 flush
for ip in `cat /root/bin/mynetlist.db`; do
${ipfw} table 22 add $ip
done
#ssh
${ipfw} add allow tcp from 192.168.0.0/24,10.0.0.0/24 to me 22
${ipfw} add allow tcp from me 22 to 192.168.0.0/24,10.0.0.0/24
${ipfw} add allow tcp from FAILSAFE_HOST to me 22
${ipfw} add allow tcp from me 22 to FAILSAFE_HOST
${ipfw} add allow tcp from table\(22\) to me dst-port 22
${ipfw} add allow tcp from me 22 to table\(22\)
${ipfw} add deny log logamount 0 tcp from any to me 22