From owner-freebsd-config@FreeBSD.ORG Sat Mar 6 06:14:42 2004 Return-Path: Delivered-To: freebsd-config@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 948D216A4CE for ; Sat, 6 Mar 2004 06:14:42 -0800 (PST) Received: from out010.verizon.net (out010pub.verizon.net [206.46.170.133]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD7FD43D39 for ; Sat, 6 Mar 2004 06:14:31 -0800 (PST) (envelope-from cswiger@mac.com) Received: from mac.com ([68.161.120.219]) by out010.verizon.net (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP id <20040306141430.NATU26728.out010.verizon.net@mac.com>; Sat, 6 Mar 2004 08:14:30 -0600 Message-ID: <4049DCA6.9020905@mac.com> Date: Sat, 06 Mar 2004 09:13:58 -0500 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Umar Draz References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH at out010.verizon.net from [68.161.120.219] at Sat, 6 Mar 2004 08:14:30 -0600 cc: freebsd-config@freebsd.org Subject: Re: Please Give me Right Answer X-BeenThere: freebsd-config@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Installation and Configuration List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Mar 2004 14:14:42 -0000 Umar Draz wrote: > this is my 4th question about ipfw2 and i can't get a proper answer of > my question. You're asking on the wrong lists; try freebsd-questions or freebsd-ipfw lists instead. > now my question is. If i want block my cable internet user in my > FreeBSD 4.9 machine thorugh ipfw2. then what kind of command i should > add in my /etc/ipfw.rules > > for excample i want block this ip 192.168.0.33 and this ip has this > mac address 00-40-50-EA-CD-00. Try one or both of the following to block outbound requests: ipfw add deny ip from 192.168.0.33 to any ipfw add deny ip from any to any mac any 00:40:50:EA:CD:00 In conjunction with a reasonable ruleset which denies inappropriate inbound connections to your network, this should address your question. -- -Chuck