From owner-freebsd-ipfw Tue Mar 26 19:34:37 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from opensrs.saignon.net (216-120-17-67.dsl.cust.tfb.com [216.120.17.67]) by hub.freebsd.org (Postfix) with ESMTP id 7A36F37B400 for ; Tue, 26 Mar 2002 19:34:34 -0800 (PST) Received: from frankenmobl (216-120-17-17.dsl.cust.tfb.com [216.120.17.17]) by opensrs.saignon.net (8.11.6/8.11.3) with ESMTP id g2R3Z7b10174 for ; Tue, 26 Mar 2002 19:35:07 -0800 (PST) (envelope-from tony@saign.com) From: "Tony Saign" To: Subject: Rule to ignore/drop traffic from entire subnet?? Date: Tue, 26 Mar 2002 19:33:58 -0800 Message-ID: <000401c1d540$3adf71f0$1401a8c0@frankenmobl> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I have noticed certain IP address blocks (mostly from overseas), generating large logs on my router system. Is it possible to just drop/ignore and log all traffic originating from these subnets without affecting system performance with a rule or rules? Mar 24 00:19:55 /kernel: ipfw: 3000 Deny ICMP:8.0 216.52.65.72 in via fxp0 Mar 24 00:19:58 /kernel: ipfw: 3000 Deny ICMP:8.0 216.52.65.72 in via fxp0 Mar 24 00:21:18 /kernel: ipfw: 3000 Deny ICMP:8.0 216.52.65.70 in via fxp0 Mar 24 00:21:21 /kernel: ipfw: 3000 Deny ICMP:8.0 216.52.65.70 in via fxp0 Mar 24 00:22:58 /kernel: ipfw: 3000 Deny ICMP:8.0 216.52.65.65 in via fxp0 Mar 24 00:23:01 /kernel: ipfw: 3000 Deny ICMP:8.0 216.52.65.65 in via fxp0 Thanks in advance, -Tony To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message