Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.mel.connect.com.au!news.syd.connect.com.au!phaedrus.kralizec.net.au!news.mel.aone.net.au!news.netspace.net.au!news.mira.net.au!vic.news.telstra.net!news.telstra.net!news.att.net.au!news.att.net.hk!newsgate.cuhk.edu.hk!news-hk.gsl.net!news.gsl.net!news-peer.gsl.net!news-peer.sprintlink.net!news.sprintlink.net!sprint!howland.erols.net!feed1.news.erols.com!dispatch.news.demon.net!demon!fido.news.demon.net!demon!new s2.euro.net!wirehub!orion From: gerard at@ signet.nl (Gerard Haagh) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Need help with IPFW and FreeBsd 2.1.7 Date: Thu, 17 Apr 97 16:56:59 GMT Organization: Wirehub! Internet Message-ID: <5j5kv0$bo6$1@thor.wirehub.nl> References: <01bc4b32$64587ce0$664c1bcc@tony.gcr1.com> NNTP-Posting-Host: asy15.signet.nl X-Newsreader: News Xpress 2.0 Beta #0 Lines: 32 Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:39283 In article <01bc4b32$64587ce0$664c1bcc@tony.gcr1.com>, "Tony" <tony@gcr1.com> wrote: >I'm trying to get info on setting this up so that I can block ONLY a few >IPs from the box ...?? Any ideas ? > >Thanks, >Tony >-- > > > >>>>> N5GPI WWW SITE - HTTP://WWW.GCR1.COM/N5GPI <<<< > Best Experienced with Microsoft Internet Explorer 2+ > I assume that you have build a kernel with firewall option set. In /etc/rc.firewall, add following lines: ipfw flush ipfw add reject all from ip-address/bits-in-netmask to any ....repeat for each IP you want to block... ipfw add allow all from any to any where "bits-in-netmask" is 24 for a class C network. eg.: ipfw add reject all from 194.178.13.34/24 to any to deny access from 194....34 to your box. The reject line refuses all IP traffic, including DNS ! Gerard Haagh gerard at signet.nl.