Date: Sun, 18 Jan 2009 00:38:41 -0800 (PST)
From: fbsdmail@dnswatch.com
To: freebsd-ipfw@freebsd.org
Subject: possible to block one address on all ports?
Message-ID: <1528c4e04e7e0d186cf8a9d9c4974ad6.dnswclient@webmail.dnswatch.com>

Greetings,

I have what I hope is a simple question that I /hope/ has a simple option.

Here's my scenario: My current filtering is done on an application/service level. While I'm anxious to migrate this to IPFW, I don't yet have the time available that will be required. But I have a situation that requires the need to drop any, and all requests from one single IP address. So I thought I might seize this situation as an opportunity to "get my feet wet" with IPFW.

So here's my question: Is it possible for me to use IPFW without altering any traffic - that is, nothing changes on incoming/outgoing EXCEPT where this /evil/ IP is concerned? Or, can I start IPFW, and use it to ONLY drop all requests from this /evil/ IP no matter which ports that IP makes a request on? I can? Can/would anyone be willing to tell me how?

Apologies in advance, I realize this is pretty "ground level stuff". But I feel if I could get a good start, getting up to speed from there will be a greatly shortened learning curve.

Thank you for all your time and consideration.

--Chris