From owner-freebsd-questions@FreeBSD.ORG  Thu Apr 27 17:23:11 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0D64516A403
	for <freebsd-questions@freebsd.org>;
	Thu, 27 Apr 2006 17:23:11 +0000 (UTC)
	(envelope-from keramida@ceid.upatras.gr)
Received: from igloo.linux.gr (igloo.linux.gr [62.1.205.36])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1C12143D6D
	for <freebsd-questions@freebsd.org>;
	Thu, 27 Apr 2006 17:23:02 +0000 (GMT)
	(envelope-from keramida@ceid.upatras.gr)
Received: from gothmog.pc (aris.bedc.ondsl.gr [62.103.39.226])
	(authenticated bits=128)
	by igloo.linux.gr (8.13.6/8.13.6/Debian-1) with ESMTP id k3RHMnWO023259
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Thu, 27 Apr 2006 20:22:51 +0300
Received: from gothmog.pc (gothmog [127.0.0.1])
	by gothmog.pc (8.13.6/8.13.6) with ESMTP id k3RHMpeU010189;
	Thu, 27 Apr 2006 20:22:51 +0300 (EEST)
	(envelope-from keramida@ceid.upatras.gr)
Received: (from giorgos@localhost)
	by gothmog.pc (8.13.6/8.13.6/Submit) id k3RHMpMC010188;
	Thu, 27 Apr 2006 20:22:51 +0300 (EEST)
	(envelope-from keramida@ceid.upatras.gr)
Date: Thu, 27 Apr 2006 20:22:51 +0300
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: list-freebsd-2004@morbius.sent.com
Message-ID: <20060427172251.GB10100@gothmog.pc>
References: <MIEPLLIBMLEEABPDBIEGGEKDHFAA.fbsd@a1poweruser.com>
	<200604271753.39217.list-freebsd-2004@morbius.sent.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200604271753.39217.list-freebsd-2004@morbius.sent.com>
X-Hellug-MailScanner: Found to be clean
X-Hellug-MailScanner-SpamCheck: not spam, SpamAssassin (score=-3.391,
	required 5, autolearn=not spam, ALL_TRUSTED -1.80, AWL 0.81,
	BAYES_00 -2.60, DNS_FROM_RFC_ABUSE 0.20)
X-Hellug-MailScanner-From: keramida@ceid.upatras.gr
X-Spam-Status: No
Cc: freebsd-questions@freebsd.org
Subject: Re: Simple firewall question: Blocking a handful of IPs
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Apr 2006 17:23:11 -0000

On 2006-04-27 17:53, RW <list-freebsd-2004@morbius.sent.com> wrote:
>On Thursday 27 April 2006 03:10, fbsd wrote:
>>H. Wade Minter wrote:
>>> I want all traffic allowed unfettered, except traffic from
>>> particular IPs to be completely blocked coming in.
>>>
>>> Can someone show me which ipf rules to use to get that result?
>>
>>   block in quick on rl0 from x.x.x.x  to any
>
> Unless the syntax is the same, that looks more like pf than ipf.

The syntax *is* the same, in this case.  The only ipf syntax
feature that ipf users are likely to miss from pf syntax is the
use of rule `groups', but this is not used here.