From owner-freebsd-security Fri May 10 22:23: 7 2002 Delivered-To: freebsd-security@freebsd.org Received: from math.teaser.net (math.teaser.net [213.91.2.4]) by hub.freebsd.org (Postfix) with ESMTP id AAD1A37B40A for ; Fri, 10 May 2002 22:23:03 -0700 (PDT) Received: from roadrunner.rominet.net (ATuileries-109-1-2-47.abo.wanadoo.fr [80.13.122.47]) by math.teaser.net (Postfix) with ESMTP id 347C06C85A; Sat, 11 May 2002 07:23:02 +0200 (CEST) Received: by roadrunner.rominet.net (Postfix, from userid 1000) id 652CB8167; Sat, 11 May 2002 07:23:00 +0200 (CEST) Date: Sat, 11 May 2002 07:23:00 +0200 From: Alain Thivillon To: Naughty Taz Cc: freebsd-security@freebsd.org Subject: Re: IPFW and IP/mask mathematics Message-ID: <20020511052300.GA22841@roadrunner.rominet.net> References: <001e01c1f79e$78612390$626a003e@homepc> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <001e01c1f79e$78612390$626a003e@homepc> User-Agent: Mutt/1.3.24i X-Organization: Rominet Networks Inc. X-Operating-System: FreeBSD 4.5-STABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Naughty Taz écrivait (wrote) : > Hi all, > > I've been trying to get a ruleset for IPFW but was unable to figure out > how to do it :( > I'd appreciate it if someone can reply with the right ruleset for the > following: > > 1) allow traffic from 0.0.0.0 - XXX.128.0.0 > 2) block traffic from XXX.128.0.0 - XXX.146.159.255 ipfw add deny all from xxx.128.0.0/12 to any ipfw add deny all from xxx.144.0.0/15 to any ipfw add deny all from xxx.146.0.0/16 to any ipfw add allow all from any to any -- Nom d'un chat de nom d'un chat ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message