From owner-freebsd-questions Thu Mar 7 10:19:32 2002 Delivered-To: freebsd-questions@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-107-10.dsl.lsan03.pacbell.net [64.169.107.10]) by hub.freebsd.org (Postfix) with ESMTP id A358837B404 for ; Thu, 7 Mar 2002 10:19:06 -0800 (PST) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 308AA66C80; Thu, 7 Mar 2002 10:19:06 -0800 (PST) Date: Thu, 7 Mar 2002 10:19:06 -0800 From: Kris Kennaway To: chris Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ipfw rules Message-ID: <20020307101905.B57408@xor.obsecurity.org> References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="24zk1gE8NUlDmwG9" Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from chris@dancingmoon-herbs.com on Thu, Mar 07, 2002 at 09:33:40AM -0600 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --24zk1gE8NUlDmwG9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Mar 07, 2002 at 09:33:40AM -0600, chris wrote: > I currently have a rule that denies all traffic not from an ip range=20 > in. I need to open that up to allow two distinct ip ranges in. =20 > Obviously adding a second deny not will not allow anyone in, how do I do= =20 > this? Add an allow rule for the first range, an allow rule for the second range, and a "deny all rule" after both of them to catch the rest. Kris --24zk1gE8NUlDmwG9 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8h68ZWry0BWjoQKURAkNLAJ9/5vIjNl+5hZP68PuzRPaqLFA2+QCgknte 72wrhZBqcBAyPIiJvTVnL1A= =N1UB -----END PGP SIGNATURE----- --24zk1gE8NUlDmwG9-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message