Date: Thu, 16 Aug 2001 19:53:59 +0700 From: Roman Zabolotnikov <romaha@eoffice.ru> To: freebsd-security@freebsd.org Subject: RE: Quick IPFW Rule Question Message-ID: <D56EF1EAF8CCD21180A8009027177D3B6BF88B@fs.novosoft.ru>
next in thread | raw e-mail | index | archive | help
> > Hi, > > What would be the best rule to allow all incoming traffic > from one specific > I.P. address? (for a machine with 2 I.P.s bound to the NIC...) I guess it'd be like this. /sbin/ipfw add allow all from 123.123.123.123 to any via fxp0 /sbin/ipfw add reject all from any to any via fxp0 You should change "fxp0' from my example to your external interface name. > > Also, what would be the best rule to allow all outgoing > traffic from my > local machine? The same way. /sbin/ipfw add allow from 132.132.132.132 to any via fxp0 /sbin/ipfw add reject all from any to any via fxp0 But be carefully with "reject all" rule. It should be the last line in your firewall rules. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D56EF1EAF8CCD21180A8009027177D3B6BF88B>