Date: Mon, 13 Aug 2001 10:42:39 -0600 From: Nate Williams <nate@yogotech.com> To: Peter Pentchev <roam@ringlet.net> Cc: default - Subscriptions <default013subscriptions@hotmail.com>, freebsd-security@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: Easy IPFW question... Message-ID: <15224.895.861427.828038@nomad.yogotech.com> In-Reply-To: <20010813165603.B1119@ringworld.oblivion.bg> References: <OE26Wd7KKQpQq5pneeF0000b932@hotmail.com> <20010813165603.B1119@ringworld.oblivion.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
> > I'm kinda new to IPFW, and I was unable to figure this out by myself... > > > > I want to block an I.P. range, say 192.168.0.1, with a netmask of > > 255.255.0.0 ... > > > > The rule I tried was this: > > ipfw add deny log all from 192.168.0.1/16 to any via ed0 > > Try 192.168.0.0/16 - the bits that are zeroed in the netmask must be > also zeroed in the address. If so, then the ipfw parser is borken. :( It *shouldn't* matter what the last two bytes in this case are, as it doesn't matter to any of the other routing protocols. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15224.895.861427.828038>