From: Paul Macdonald
Date: Mon, 21 May 2012 16:30:59 +0100
To: Ian Smith
Cc: freebsd-questions@freebsd.org
Subject: Re: ipfw subnetting
Message-ID: <4FBA5FB3.5010900@ifdnrg.com>
In-Reply-To: <20120521232412.B98171@sola.nimnet.asn.au>

On 21/05/2012 14:50, Ian Smith wrote:
> In freebsd-questions Digest, Vol 416, Issue 1, Message: 26
> On Mon, 21 May 2012 10:06:12 +0100 Paul Macdonald wrote:
>
> > Can anyone suggest what I'm doing wrong here.
> >
> > Desired: drop everything from 180.0.0.0 to 180.255.255.255
> >
> > ipfw -q add 137 deny all from 180.0.0.0/8 to any
>
> t23# ipfw -q add 137 deny all from 180.0.0.0/8 to any
> t23# ipfw show 137
> 00137 0 0 deny ip from 180.0.0.0/8 to any
>
> So what doesn't work? (apart from scattergun removal of small pieces of
> a whole lot of Asian countries, incl. Japan, Indonesia, Australia, .. :)

It was intended as a required temporary measure, but even though it was
listed in my ipfw list, I was/am still seeing traffic coming in via
addresses such as 180.248.x.x

A very open firewall test script is as follows:

00010 allow ip from any to any via lo0
00081 deny log ip from 180.0.0.0/8 to any
00100 check-state
00101 allow tcp from any to any established
00102 allow ip from any to any out keep-state
00103 allow icmp from any to any
65535 deny ip from any to any

but I'm still seeing traffic from

180.149.29.102
180.234.116.61
180.234.36.44
180.234.237.119
180.234.72.115

I must be doing something wrong!

Paul.

> cheers, Ian

-- 
-------------------------
Paul Macdonald
IFDNRG Ltd
Web and video hosting
-------------------------
t: 0131 5548070
m: 07970339546
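
An added example, not part of the original message: a simplified first-match model of the rule listing above, applied to the five reported source addresses as inbound TCP packets. It models only the protocol, address, via, out and established matches, treats check-state as a no-op (no dynamic rules exist in the model), and the interface em0 and destination 192.0.2.10 are assumed placeholder values.

```python
import ipaddress

# Rule listing and reported source addresses, copied from the message above.
RULESET = """\
00010 allow ip from any to any via lo0
00081 deny log ip from 180.0.0.0/8 to any
00100 check-state
00101 allow tcp from any to any established
00102 allow ip from any to any out keep-state
00103 allow icmp from any to any
65535 deny ip from any to any"""
REPORTED = ["180.149.29.102", "180.234.116.61", "180.234.36.44",
            "180.234.237.119", "180.234.72.115"]

def parse(listing):
    """Split each line into number, action, proto, src, dst and trailing options."""
    rules = []
    for line in listing.splitlines():
        num, action, *rest = line.split()
        rest = [w for w in rest if w not in ("log", "keep-state")]  # no effect on matching here
        rule = {"num": int(num), "action": action}
        if rest:  # "proto from SRC to DST [via IF | out | established]"
            rule.update(proto=rest[0], src=rest[2], dst=rest[4], opts=rest[5:])
        rules.append(rule)
    return rules

def in_spec(spec, addr):
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def first_match(rules, pkt):
    """Return (number, action) of the first matching rule (first match wins)."""
    for r in rules:
        if r["action"] == "check-state":
            continue  # simplification: no dynamic rules exist in this model
        opts = r["opts"]
        if (r["proto"] in ("ip", pkt["proto"])
                and in_spec(r["src"], pkt["src"]) and in_spec(r["dst"], pkt["dst"])
                and ("via" not in opts or opts[opts.index("via") + 1] == pkt["iface"])
                and ("out" not in opts or pkt["dir"] == "out")
                and ("established" not in opts or pkt["established"])):
            return r["num"], r["action"]

def inbound(src, established=True):
    """Constructed inbound TCP packet; em0 and 192.0.2.10 are placeholder values."""
    return {"src": src, "dst": "192.0.2.10", "proto": "tcp",
            "iface": "em0", "dir": "in", "established": established}

def verdicts():
    rules = parse(RULESET)
    return {src: first_match(rules, inbound(src)) for src in REPORTED}

if __name__ == "__main__":
    for src, (num, action) in verdicts().items():
        print(f"{src:16} -> rule {num:05d} {action}")
```

In this model every reported address is decided at rule 00081, before check-state at 00100 or the established rule at 00101 is reached, so the packet and byte counters that ipfw show prints for rule 81 are the figures to compare against.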