Date: Wed, 26 Aug 1998 21:44:19 -0700 (PDT) From: "Jan B. Koum " <jkb@best.com> To: Khetan Gajjar <khetan@iafrica.com> Cc: questions@FreeBSD.ORG Subject: Re: Telnet attempts blocked by ipfw Message-ID: <Pine.BSF.4.02A.9808262143480.7487-100000@shell6.ba.best.com> In-Reply-To: <Pine.BSF.3.96.980826235847.13015U-100000@chain>
next in thread | previous in thread | raw e-mail | index | archive | help
ipfw add 100 reset log tcp from host.dom.ain to any 23
modify to your like :)
-- Yan
www.best.com/~jkb/ Unix users of the world unite:
www.{free,open,net}bsd.org | www.linux.org | www.apache.org | www.perl.com
"Turn up the lights, I don't want to go home in the dark."
On Thu, 27 Aug 1998, Khetan Gajjar wrote:
>Hi.
>
>I've got 00000 unreach filter-prohib log ip from any to any
>in my ipfw configuration, but this appears to only be
>affective for pings and traceroutes. Is there any way
>to get telnet's and the like to terminate immediately
>with some kind of error to the effect of connection
>refused without actually refusing the connection, but having
>ipfw do it ?
>
>I'm running 2.2.7-STABLE :
>FreeBSD 2.2.7-STABLE #0: Sat Aug 1 18:39:06 SAT 1998
>
>Basically, I'd like it so that someone types
>telnet host.dom.ain, and gets rejected immediately, and not
>keep trying until his telnet client times out, and fill my
>console with rejects.
>
>TIA.
>
>---
>Khetan Gajjar (!kg1779) * khetan@iafrica.com ; khetan@os.org.za
>http://www.os.org.za/~khetan * Talk/Finger khetan@chain.freebsd.os.org.za
>UUNET Internet Africa Support * FreeBSD enthusiast-www2.za.freebsd.org
>FreeBSD: Because rebooting is for adding new hardware
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.02A.9808262143480.7487-100000>