Date: Sat, 27 Dec 2003 12:55:51 +0100
From: zk <zk@wspim.edu.pl>
To: freebsd-security@freebsd.org
Subject: Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct ????
Message-ID: <20031227115551.GB604@hhos.serious.ld>
In-Reply-To: <004301c3c9d3$b0219860$1a6001cb@chalmers.com.au>
References: <004301c3c9d3$b0219860$1a6001cb@chalmers.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Dec 24, 2003 at 02:09:12PM +1000, Robert Chalmers wrote:
> The man page gives this example, however, when I attempt to use it, it seems
> to block the whole set?
>
> Could someone tell me what's going wrong here please. Thanks heaps..
>
> This works,
> ${fwcmd} add deny log all from any to 203.1.96.1 in via ${oif}
>
> This blocks the whole IP block, not just the list?
> ${fwcmd} add deny log all from any to 203.1.96.0/24{2,6-25,27-154,156-19 9,204-254} in via ${oif}
>
Do you use ipfw2?
It's not default on FreeBSD 4.x systems.
And maybe you should quote {}
${fwcmd} add deny log all from any to '203.1.96.0/24{2,6-25,27-154,156-199,204-254}' (...)
zk
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031227115551.GB604>