From owner-freebsd-questions Tue Dec 15 12:55:30 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA23686 for freebsd-questions-outgoing; Tue, 15 Dec 1998 12:55:30 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from java.dpcsys.com (java.dpcsys.com [206.16.184.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA23681 for ; Tue, 15 Dec 1998 12:55:28 -0800 (PST) (envelope-from dan@dpcsys.com) Received: from localhost (dan@localhost) by java.dpcsys.com (8.9.1a/8.9.1) with SMTP id MAA12995; Tue, 15 Dec 1998 12:55:30 -0800 (PST) Date: Tue, 15 Dec 1998 12:55:30 -0800 (PST) From: Dan Busarow To: Briang cc: FreeBSD Subject: Re: IPFW In-Reply-To: <000501be27ef$331a9640$2900a8c0@brian-desktop.briang.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 14 Dec 1998, Briang wrote: > If I wanted to block a set if IP's can I do this ? > > $fwcmd add deny log tcp from 209.19.0.0/16 to any in via fxp0 > > I'm trying to block everthing from -> > 209.19.1.0/24 to 209.19.34.0/24 209.19.0.0/19 would block 209.19.0.0 - 209.19.31.0 add 209.19.32.0/24 33.0/24 and 34.0/24 Keeps you from blocking 55000 IPs outside of the 9000 or so you want to block Dan -- Dan Busarow 949 443 4172 Dana Point Communications, Inc. dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message