From owner-freebsd-questions@freebsd.org Sat Jan 23 01:48:36 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5CBB9A8D4F2 for ; Sat, 23 Jan 2016 01:48:36 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: from be-well.ilk.org (be-well.ilk.org [23.30.133.173]) by mx1.freebsd.org (Postfix) with ESMTP id 3E30718D3 for ; Sat, 23 Jan 2016 01:48:36 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: from lowell-desk.lan (router.lan [172.30.250.2]) by be-well.ilk.org (Postfix) with ESMTP id 438DC33C22; Fri, 22 Jan 2016 20:41:56 -0500 (EST) Received: by lowell-desk.lan (Postfix, from userid 1147) id 5C8F039841; Fri, 22 Jan 2016 20:41:56 -0500 (EST) From: Lowell Gilbert To: JosC Cc: freebsd-questions@FreeBSD.org Subject: Re: IPFW deny ip range References: <56A2A4F5.3030907@cloudzeeland.nl> Reply-To: freebsd-questions@FreeBSD.org Date: Fri, 22 Jan 2016 20:41:56 -0500 In-Reply-To: <56A2A4F5.3030907@cloudzeeland.nl> (JosC's message of "Fri, 22 Jan 2016 22:53:57 +0100") Message-ID: <44powt3wd7.fsf@lowell-desk.lan> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jan 2016 01:48:36 -0000 JosC writes: > I have this ip range that I would like to block (example ip): > > 123.xx.xx.xx > 123.1.xx.xx > 123.1.1.xx > > Can someone tell me how I can define best in ipfw.rules? If you're using ipfw, putting those things in a table and blocking from the table is the way to do this. The stock /etc/rc.firewall uses at least one table, so you can look at that as an example. I've never heard of ipfw.rules, though, so you may be a little confused.