From owner-freebsd-security Thu May 9 15:13:43 2002 Delivered-To: freebsd-security@freebsd.org Received: from hotmail.com (dav30.law15.hotmail.com [64.4.22.87]) by hub.freebsd.org (Postfix) with ESMTP id 70FA037B49F for ; Thu, 9 May 2002 15:12:49 -0700 (PDT) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 9 May 2002 15:12:49 -0700 X-Originating-IP: [62.0.106.98] From: "Naughty Taz" To: Cc: Subject: RE: IPFW and IP/mask mathematics Date: Fri, 10 May 2002 01:11:51 +0200 Message-ID: <004d01c1f7ae$e752ad90$626a003e@homepc> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal In-Reply-To: <200205091557.13783.dowen@pstis.com> X-OriginalArrivalTime: 09 May 2002 22:12:49.0297 (UTC) FILETIME=[A7AED810:01C1F7A6] Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hehehehe :) That was not my intention of course. Observe: 1) allow traffic from ANY to IP's in the range (0.0.0.0 - XXX.128.0.0) 2) block traffic from ANY to IP's in the range (XXX.128.0.0 - XXX.146.159.255) 3) allow traffic from ANY to IP's in the range (XXX.146.160.0 - 255.255.255.255) Is it more clear now? /Taz -----Original Message----- From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of Dalin S. Owen Sent: ? 09 ??? 2002 23:57 To: Naughty Taz Cc: security@freebsd.org Subject: Re: IPFW and IP/mask mathematics What kind of "traffic", I wil assume you want to block "all" (tcp/udp/icmp/esp/ah/look in /etc/protocols for a list).... /sbin/ipfw add allow all from 0.0.0.0 to XXX.128.0.0 /sbin/ipfw add deny all from XXX.128.0.0 to XXX.146.159.255 /sbin/ipfw add allow all from XXX.146.160.0 to 255.255.255.255 There ya go.. :) On May 9, 2002 03:14 pm, Naughty Taz wrote: > Hi all, > > I've been trying to get a ruleset for IPFW but was unable to figure out > how to do it :( > I'd appreciate it if someone can reply with the right ruleset for the > following: > > 1) allow traffic from 0.0.0.0 - XXX.128.0.0 > 2) block traffic from XXX.128.0.0 - XXX.146.159.255 > 3) allow traffic from XXX.146.160.0 - 255.255.255.255 > > Thanks in advance. > > /Taz > > P.S.: IP's are imaginary of course. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message