From owner-freebsd-questions  Thu Mar 16 11:49: 5 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from horst.bfd.com (horst.bfd.com [12.9.219.10])
	by hub.freebsd.org (Postfix) with ESMTP id 6E62B37C227
	for <freebsd-questions@FreeBSD.ORG>; Thu, 16 Mar 2000 11:49:03 -0800 (PST)
	(envelope-from ejs@bfd.com)
Received: from HARLIE.bfd.com (bastion.bfd.com [12.9.219.14])
	by horst.bfd.com (8.10.0/8.10.0) with ESMTP id e2GJn0v72361;
	Thu, 16 Mar 2000 11:49:00 -0800 (PST)
Date: Thu, 16 Mar 2000 11:49:00 -0800 (PST)
From: "Eric J. Schwertfeger" <ejs@bfd.com>
To: bwoods2@uswest.net
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: IPFW...1 more question.....
In-Reply-To: <XFMail.000316113548.wwoods@cybcon.com>
Message-ID: <Pine.BSF.4.10.10003161146360.12778-100000@harlie.bfd.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, 16 Mar 2000, William Woods wrote:

> This firewall rule,
> 
> ipfw add 001 deny log ip from aol.com/24 to alpha.cybcon.com 
> 
> am I correct in assuming that this will block ALL traffic from aol.com to
> alpha.cybcon.com and log it?

Not exactly.  ipfw has to resolve domain names to ip addresses in user
space, at the time the rules are added.  aol.com resolves to
205.188.160.121 and 205.188.146.23.  More than likely this rule will block
the 205.188.160.0/24 netblock, and miss the rest of AOL.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message