From owner-freebsd-ipfw@FreeBSD.ORG Mon Oct 4 21:09:28 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E3D3F16A4E1 for ; Mon, 4 Oct 2004 21:09:28 +0000 (GMT) Received: from regulus.redepegasus.com.br (regulus.redepegasus.com.br [200.195.111.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9854B43D1F for ; Mon, 4 Oct 2004 21:09:28 +0000 (GMT) (envelope-from jb@redepegasus.com.br) Received: from localhost (localhost.redepegasus.com.br [127.0.0.1]) by regulus.redepegasus.com.br (Postfix) with ESMTP id 59147B88C9 for ; Sat, 2 Oct 2004 06:12:55 -0300 (BRT) Received: from regulus.redepegasus.com.br ([127.0.0.1])port 10024) with ESMTP id 53068-10 for ; Sat, 2 Oct 2004 06:12:55 -0300 (BRT) Received: by regulus.redepegasus.com.br (Postfix, from userid 85) id 15E77B88C8; Sat, 2 Oct 2004 06:12:55 -0300 (BRT) Received: from polaris (unknown [200.195.111.170]) by regulus.redepegasus.com.br (Postfix) with ESMTP id B91D9B88E2 for ; Sat, 2 Oct 2004 06:12:54 -0300 (BRT) Message-ID: <005101c4a85f$e16d6960$aa6fc3c8@redepegasus.com.br> From: =?iso-8859-1?Q?Juli=E3o_Braga_-_Rede_Pegasus?= To: Date: Sat, 2 Oct 2004 06:12:02 -0300 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Sanitizer: Advosys mail filter MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit Subject: ipfw2 syntax to specify address sets and or-blocks X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Oct 2004 21:09:29 -0000 Hi, I'm using a 5.2.1 version: [root@unidade1 root]# uname -a FreeBSD unidade1.redepegasus.com.br 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Fri Jun 18 15:08:10 BRT 2004 root@unidade1.redepegasus.com.br:/usr/src/sys/i386/compile/UNIDADE1 i386 and created the following rules: ipsmsn="{ 192.168.0.0/24{1,6,23,58,65,111} or 192.168.1.0/24{32,34,60} or 192.168.3.0/24{4} }" ... ipfw add 00200 check-state ... #KAZAA/MSN/YAHOO ipfw add 40210 allow all from any to ${ipsmsn} 1863,5050,5190 keep-state ipfw add 40211 allow all from ${ipsmsn} to any 1863,5050,5190 keep-state #additional MSN ports ipfw add 40212 allow all from any to ${ipsmsn} 6891-6901,6801,2001-2120,7801-7825 keep-state ipfw add 40213 allow all from ${ipsmsn} to any 6891-6901,6801,2001-2120,7801-7825 keep-state ipfw add 40214 deny all from any to any 6891-6901,6801,2001-2120,7801-7825 keep-state ipfw add 40223 deny all from any to any 5190 keep-state # ICQ deny And I'm getting from ipfw -a l: ... 40210 0 0 allow ip from any to 0.0.7.71,0.0.19.186,0.0.20.70 keep-state Some help about? Thank you, Juliao --- Rede Pegasus http://www.redepegasus.com.br