From owner-freebsd-questions Sun Feb 19 04:11:16 1995 Return-Path: questions-owner Received: (from root@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id EAA29544 for questions-outgoing; Sun, 19 Feb 1995 04:11:16 -0800 Received: from dns.netvision.net.il (root@dns.NetVision.net.il [194.90.1.5]) by freefall.cdrom.com (8.6.9/8.6.6) with ESMTP id EAA29531 for ; Sun, 19 Feb 1995 04:11:08 -0800 Received: from ugen.NetManage.co.il (ugen.netmanage.co.il [192.114.78.165]) by dns.netvision.net.il (8.6.9/8.6.9) with SMTP id OAA29899; Sun, 19 Feb 1995 14:10:16 +0200 Date: Sun, 19 Feb 95 14:08:50 IST From: "Ugen J.S.Antsilevich" Subject: RE: ipfw problem To: Pete Shipley Cc: freebsd-questions@freefall.cdrom.com X-Mailer: Chameleon 4.00-Arm-25, TCP/IP for Windows, NetManage Inc. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; CHARSET=us-ascii Content-ID: <18751.793000782.1@merde.dis.org> Sender: questions-owner@FreeBSD.org Precedence: bulk Hi! I figured out just now what was the problemm..it is simple as hell and probably should be in the ipfw.FAQ i will write..i also CCing this to -current as i realised just now you are the third guys saying the same thing... > deny tcp from 0.0.0.0:255.255.255.255 to merde.dis.org 111 ^^^^^^^^^^^^^^^^^^^^^^^^^^!!!!!!!!!!WRONG!!!!!!!!!!! Think about it,what did you meant to say: any host,right???Now when you want to put network,say 18.1.2.XXX you say it like: 18.1.2.0:255.255.255.0 Any host is equivalent to network of all hosts so it is: X.Y.Z.W:0.0.0.0!!!!!!,and in the simplest case you put it as: 0/0 i.e. the entry should be added as: deny tcp from 0/0 to host.you.needed.org > deny tcp from 0.0.0.0:255.255.255.255 to 0.0.0.0:255.255.255.255 515 deny tcp from 0/0 to 0/0 That's it..try:) -- -=Ugen J.S.Antsilevich=- NetVision - Israeli Commercial Internet | Learning E-mail: ugen@NetVision.net.il | To Fly. [c] Phone : +972-4-550330 |