Date: Wed, 13 May 1998 20:08:49 -0700 From: Ludwig Pummer <ludwigp@bigfoot.com> To: Charlie Root <root@ftp1.mfn.org>, freebsd-questions@FreeBSD.ORG Subject: Re: IPFW Message-ID: <3.0.3.32.19980513200849.006b2188@mail.plstn1.sfba.home.com> In-Reply-To: <199805140217.VAA01596@ftp1.mfn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:17 PM 5/13/98 -0500, Charlie Root wrote:
>Is this a legal construct?
>
>ipfw add allow all tcp from 10.0.0.0:255.0.0.0 to any tcp 23
^---^-- either/or but not both ^
not sure about this one -----+
ipfw add allow tcp from 10.0.0.0:255.0.0.0 to any 23
>the idea being to allow any tcp based packets from my (obviously ficticious)
>net to any other, provided that these packets have a destination port of 23?
>(outbound telnet - and yes, I realize there is a LOT more to it, I'm just
>not familiar with IPFW syntax, and wanted to check it before I go ahead)...
look at /etc/rc.firewall's different ipfw commands and you can get a pretty
good idea of how it goes. One thing it _does_ neglect are rule numbers,
which make the line be "...add 5000 allow..." so that you can organize
restrictions better.
--Ludwig Pummer
ludwigp@bigfoot.com ludwigp@chipweb.ml.org
ICQ UIN: 692441 http://chipweb.home.ml.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.3.32.19980513200849.006b2188>