Date: Mon, 27 Mar 2000 18:50:20 -0500 (EST) From: Omachonu Ogali <oogali@intranova.net> To: Blake Matheny <matheny@bussert.com> Cc: freebsd-security@freebsd.org Subject: Re: Firewall Rules Message-ID: <Pine.BSF.4.10.10003271849520.1294-100000@hydrant.intranova.net> In-Reply-To: <Pine.BSF.4.10.10003271156080.30553-100000@arf.bussert.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Try: ipfw add deny all from 192.168.2.1/24 to any On Mon, 27 Mar 2000, Blake Matheny wrote: > I have a standard dual homed firewall that has the following options > compiled in the kernel: > options IPFIREWALL > options IPFIREWALL_FORWARD > options IPDIVERT > I added the following rule to my firewall rules list to disallow 1 > workstation from having access to the internet: > ipfw add deny tcp from 192.168.2.1/24 to any setup > ipfw add deny tcp from 192.168.2.1/24 to any > This machine is running nat and routed. Although these rules are loaded as > shown by ipfw list this machine still has access to the internet, is this > a flaw in my syntax, implementation, or what? Thanks. > > Blake Matheny > Network Engineer > Bussert Consulting > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- +-------------------------------------------------------------------------+ | Omachonu Ogali oogali@intranova.net | | Intranova Networking Group http://tribune.intranova.net | | PGP Key ID: 0xBFE60839 | | PGP Fingerprint: C8 51 14 FD 2A 87 53 D1 E3 AA 12 12 01 93 BD 34 | +-------------------------------------------------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10003271849520.1294-100000>