Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!cpk-news-hub1.bbnplanet.com!news.bbnplanet.com!news-peer.gsl.net!hammer.uoregon.edu!csulb.edu!csus.edu!news From: stonebrother@sduteam.com (stonebrother) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Need help with IPFW and FreeBsd 2.1.7 Date: Thu, 24 Apr 1997 08:29:44 GMT Organization: California State University Sacramento Lines: 38 Message-ID: <335f1875.3761686@news.csus.edu> References: <01bc4b32$64587ce0$664c1bcc@tony.gcr1.com> <5j5kv0$bo6$1@thor.wirehub.nl> NNTP-Posting-Host: @u0104-p07.dialin.csus.edu X-Newsreader: Forte Free Agent 1.1/32.230 Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:39660 On Thu, 17 Apr 97 16:56:59 GMT, gerard at@ signet.nl (Gerard Haagh) wrote: > >In article <01bc4b32$64587ce0$664c1bcc@tony.gcr1.com>, "Tony" <tony@gcr1.com> wrote: >>I'm trying to get info on setting this up so that I can block ONLY a few >>IPs from the box ...?? Any ideas ? >> >>Thanks, >>Tony >>-- >> >> >> >>>>>> N5GPI WWW SITE - HTTP://WWW.GCR1.COM/N5GPI <<<< >> Best Experienced with Microsoft Internet Explorer 2+ >> > >I assume that you have build a kernel with firewall option set. > >In /etc/rc.firewall, add following lines: > > ipfw flush > ipfw add reject all from ip-address/bits-in-netmask to any > ....repeat for each IP you want to block... > ipfw add allow all from any to any > > >where "bits-in-netmask" is 24 for a class C network. >eg.: ipfw add reject all from 194.178.13.34/24 to any >to deny access from 194....34 to your box. >The reject line refuses all IP traffic, including DNS ! Can Someone suggest more IP or DNS that we should BLOCK Thanks Stonebrother Newbie IN BSD