From: Sten Daniel Sørsdal
Date: Tue, 1 Apr 2003 10:48:37 +0200
Subject: IPFW stateful deny question
List: freebsd-questions@freebsd.org

This one is for the archives.
If anyone would donate their time to replying to this one, it would be appreciated.

I'm trying to set up a firewall that, for a time-limited period, blocks IPs that send packets to specified ports.
After the time has expired, the IP will be allowed again.

With this setup:

    ipfw add 100 check-state
    ipfw add 1000 skipto 2000 tcp from any to any 445
    ...
    ipfw add 2000 deny ip from any to any keep-state
    ...

Would this set up a stateful block against that IP address, blocking all IP traffic from that particularly evil IP?
Or would it just match the specifics? Would I have to do this instead to achieve this?

    ipfw add 100 check-state
    ipfw add 1000 skipto 2000 tcp from any to any 445 keep-state
    ...
    ipfw add 2000 deny ip from any to any
    ...

- Sten