Date: Sat, 19 Sep 1998 09:48:07 -0700 From: Gregory Sutter <gsutter@pobox.com> To: freebsd <freebsd@deadpig.lurid.net>, questions@FreeBSD.ORG Subject: Re: ipfw problem. Message-ID: <19980919094807.Q10104@notabene.zer0.org> In-Reply-To: <Pine.BSF.4.02.9809192057510.389-100000@deadpig.lurid.net>; from freebsd on Sat, Sep 19, 1998 at 09:05:56PM %2B0800 References: <Pine.BSF.4.02.9809192057510.389-100000@deadpig.lurid.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Sep 19, 1998 at 09:05:56PM +0800, freebsd wrote: > hi guys, > > My ipfw rules: > 00100 divert 8668 ip from any to any via fxp0 > 00200 allow ip from any to any > 65535 deny ip from any to any > > But when i apply this rule: > ipfw add deny tcp from evil.net to deadpig.lurid.net 23 > > evil.net still _able_ to telnet to my machine. Try putting a rule number in your new rule. It's got to be smaller than 200, because at rule 200, you accept everything. So try ipfw add 0150 deny tcp from evil.net to bacon.hamhocks.net 23 Greg -- Gregory S. Sutter "How do I read this file?" mailto:gsutter@pobox.com "You uudecode it." http://www.pobox.com/~gsutter/ "I I I decode it?" PGP DSS public key 0x40AE3052 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980919094807.Q10104>