Date: Mon, 10 Jul 2006 18:40:50 -0400 (EDT) From: Ensel Sharon <user@dhp.com> To: freebsd-net@freebsd.org Subject: counting (not) blocks of IPs in ipfw - please help Message-ID: <Pine.LNX.4.21.0607101838530.12027-100000@shell.dhp.com>
next in thread | raw e-mail | index | archive | help
I can't seem to get ipfw to handle a rule like this:
ipfw add 00100 count ip from any not { 10.20.0.0/16 or 10.30.0.0/16 } to
any via em0 in
The error is:
ipfw: missing ``to''
ipfw: unrecognised option [-1] 10.20.0.0/16
So if I remove the curlys and try just one IP block:
ipfw add 00100 count ip from any not 10.20.0.0/16 to any via em0 in
The error is:
ipfw: invalid separator <.> in <10.20.0.0/16>
Any help appreciated. Thanks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0607101838530.12027-100000>