From owner-freebsd-questions Tue May 28 3:22:10 2002 Delivered-To: freebsd-questions@freebsd.org Received: from dns.perimeter.co.za (dns.perimeter.co.za [196.25.164.254]) by hub.freebsd.org (Postfix) with ESMTP id 01C4737B401 for ; Tue, 28 May 2002 03:22:04 -0700 (PDT) Received: from PATRICK (loopback.mipjhb [209.212.102.245] (may be forged)) by dns.perimeter.co.za (8.11.1/8.11.1) with SMTP id g4SALm103155; Tue, 28 May 2002 12:21:49 +0200 (SAST) (envelope-from bsd@perimeter.co.za) Message-ID: <01c101c20631$2b107c20$b50d030a@PATRICK> From: "Patrick O'Reilly" To: "Chris Appleton" , References: <20020528100031.56453.qmail@web14802.mail.yahoo.com> Subject: Re: ipfw range filter? Date: Tue, 28 May 2002 12:19:32 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG ----- Original Message ----- From: "Chris Appleton" > is it possible to filter a range of ip's with one rule? > > unfortunately i've got a c class and just have the one subnet so i > don't think i can use /x for instance. i could try and create proper > subnets, but of course want the quickie. > > i don't like having 60 rules for pop and smtp to hosted servers. Chris, The /x notation is specifically for subnets - so I'm sure you can do this. For example, if your subnet is 100.100.100.32 to 100.100.100.63, with a subnet mask of 255.255.255.224, then you could construct rules like this: ipfw add 100 allow tcp from any to 100.100.100.32/27 25 setup # smtp ipfw add 100 allow tcp from any to 100.100.100.32/27 110 setup # pop Hope this helps... Regards, Patrick O'Reilly. ___ _ __ / _ )__ __ (_)_ __ ___ _/ /____ __ / __/ -_) _) / ~ ) -_), ,-/ -_) _) /_/ \__/_//_/_/~/_/\__/ \__/\__/_/ http://www.perimeter.co.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message