From owner-freebsd-questions  Tue Apr 14 13:33:24 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id NAA07745
          for freebsd-questions-outgoing; Tue, 14 Apr 1998 13:33:24 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from mail.ahnet.net (mail.ahnet.net [207.213.224.25])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA07736
          for <freebsd-questions@freebsd.org>; Tue, 14 Apr 1998 20:33:15 GMT
          (envelope-from webmaster@zwb.net)
Received: from znet-pdcs (icg-apc-pr1-p6.apc.net [207.211.76.160])
	by mail.ahnet.net (8.8.7/8.8.6) with SMTP id NAA00813;
	Tue, 14 Apr 1998 13:25:39 -0700 (PDT)
Message-Id: <3.0.5.32.19980414132959.00921100@207.213.224.25>
X-Sender: 5808.dima@207.213.224.25
X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.5 (32)
Date: Tue, 14 Apr 1998 13:29:59 -0700
To: spork <spork@cncn.com>
From: Dima Dorfman <webmaster@zwb.net>
Subject: Re: IPFW
Cc: freebsd-questions@FreeBSD.ORG
In-Reply-To: <Pine.BSF.3.96.980414162215.367C-100000@pigstuy>
References: <3.0.5.32.19980414131259.00928650@207.213.224.25>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Can you machine look up localhost?  How about panix.com?

Do you get an error message?

At 04:23 PM 4/14/98 -0400, you wrote:
>On Tue, 14 Apr 1998, Dima Dorfman wrote:
>
>> You need to specify a rule number, like:
>> 
>> ipfw add 1000 deny tcp from localhost to panix.com
>> 
>> At 04:09 PM 4/14/98 -0400, you wrote:
>> >Hello.
>> >
>> >	Just for practice I am configuring a fire wall on my computer. I
>> >don't need one, but I want to get the experience under my belt. I have a
>> >shell script I wish to execute to set up the rules to my firewall.
>> >it reads:
>
>[snip]
>
>> > I have shell access on panix.com and can therefore attempt to test my
>> >firewall from their machinces. ipfw ignores the first two commands, so my
>> >firewall ends up looking like this:
>> >
>> >00000 allow ip from any to any
>> >65534 deny ip from any to any
>
>My ipfwcommands script now reads:
>
>#!/bin/sh
>
>ipfw add 10000 deny tcp from localhost to panix.com
>ipfw add 10010 deny tcp from panix.com to localhost
>ipfw add allow ip from any to any
>
>and it still does not add the first two rules.
>
>
>
>	-Spike Gronim
>	 spork@cncn.com	
>
>
>		"Hacker, n: One who hacks real good"
>			--Computer Contradictionary
>
>

---
Thanks!
Dima Dorfman - dima@zwb.net

"640k ought to be enough for anybody." - Bill Gates, 1981 - Bill Gates


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message