From owner-freebsd-questions@FreeBSD.ORG  Wed Feb  8 23:35:03 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4EE5316A420
	for <freebsd-questions@freebsd.org>;
	Wed,  8 Feb 2006 23:35:03 +0000 (GMT)
	(envelope-from drew@mykitchentable.net)
Received: from relay04.roc.ny.frontiernet.net (relay04.roc.ny.frontiernet.net
	[66.133.182.167])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EC80243D45
	for <freebsd-questions@freebsd.org>;
	Wed,  8 Feb 2006 23:35:00 +0000 (GMT)
	(envelope-from drew@mykitchentable.net)
Received: from blacklamb.mykitchentable.net
	(70-97-220-126.dsl2.elk.ca.frontiernet.net [70.97.220.126])
	by relay04.roc.ny.frontiernet.net (Postfix) with ESMTP id 0D42235940C; 
	Wed,  8 Feb 2006 23:19:27 +0000 (UTC)
Received: from [192.168.25.6] (unknown [192.168.25.6])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by blacklamb.mykitchentable.net (Postfix) with ESMTP id 799E7AE6F7;
	Wed,  8 Feb 2006 15:19:25 -0800 (PST)
Message-ID: <43EA7C7C.8060500@mykitchentable.net>
Date: Wed, 08 Feb 2006 15:19:24 -0800
From: Drew Tomlinson <drew@mykitchentable.net>
User-Agent: Thunderbird 1.5 (Windows/20051201)
MIME-Version: 1.0
To: Chuck Swiger <cswiger@mac.com>
References: <43EA75C6.4010204@mykitchentable.net> <43EA7A89.7090501@mac.com>
In-Reply-To: <43EA7A89.7090501@mac.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-new-2.3.2 (20050629) at
	filter02.roc.ny.frontiernet.net
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: Best Way To Block Range of Addresses with ipfw2?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2006 23:35:03 -0000

On 2/8/2006 3:11 PM Chuck Swiger wrote:
> Drew Tomlinson wrote:
>   
>> I want to deny access to addresses in this range:
>>
>> 84.57.113.0 - 84.61.96.255
>>
>> What is the best way to specify this range for ipfw2?  There must be a
>> better way than listing a whole bunch of individual networks.
>>     
>
> deny ip from 84.56.0.0/13 to any
>
> ...comes pretty close.  Use finer-grained allow rule before that if you need to
> pass stuff in 84.56.0.0/16, for example.
>   

Thanks.  I found that too but was just wondering if there was a way to 
be exact.

Drew

-- 
Visit The Alchemist's Warehouse
Magic Tricks, DVDs, Videos, Books, & More!

http://www.alchemistswarehouse.com