From owner-freebsd-net@FreeBSD.ORG  Tue Jul 11 18:27:03 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CE16616A4DA
	for <freebsd-net@freebsd.org>; Tue, 11 Jul 2006 18:27:03 +0000 (UTC)
	(envelope-from linux@giboia.org)
Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.177])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4923843D73
	for <freebsd-net@freebsd.org>; Tue, 11 Jul 2006 18:27:03 +0000 (GMT)
	(envelope-from linux@giboia.org)
Received: by py-out-1112.google.com with SMTP id c63so3820276pyc
	for <freebsd-net@freebsd.org>; Tue, 11 Jul 2006 11:27:02 -0700 (PDT)
Received: by 10.35.123.10 with SMTP id a10mr6996240pyn;
	Tue, 11 Jul 2006 11:27:02 -0700 (PDT)
Received: by 10.35.57.19 with HTTP; Tue, 11 Jul 2006 11:27:02 -0700 (PDT)
Message-ID: <6e6841490607111127l5dc5bcfaif36966bc941afdfe@mail.gmail.com>
Date: Tue, 11 Jul 2006 15:27:02 -0300
From: "Gilberto Villani Brito" <linux@giboia.org>
To: freebsd-net@freebsd.org
In-Reply-To: <Pine.LNX.4.21.0607101838530.12027-100000@shell.dhp.com>
MIME-Version: 1.0
References: <Pine.LNX.4.21.0607101838530.12027-100000@shell.dhp.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Re: counting (not) blocks of IPs in ipfw - please help
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jul 2006 18:27:03 -0000

Try:
ipfw add 00100 count ip from not {10.20.0.0/16,10.30.0.0/16} to any via em0
in

Gilberto

2006/7/10, Ensel Sharon <user@dhp.com>:
>
>
>
> I can't seem to get ipfw to handle a rule like this:
>
>
> ipfw add 00100 count ip from any not { 10.20.0.0/16 or 10.30.0.0/16 } to
> any via em0 in
>
> The error is:
>
> ipfw: missing ``to''
> ipfw: unrecognised option [-1] 10.20.0.0/16
>
>
>
> So if I remove the curlys and try just one IP block:
>
> ipfw add 00100 count ip from any not 10.20.0.0/16 to any via em0 in
>
> The error is:
>
> ipfw: invalid separator <.> in <10.20.0.0/16>
>
>
> Any help appreciated.  Thanks.
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>