Date: Tue, 30 Jul 2002 14:31:33 +0200
From: Mark Pearce
To: freebsd-questions@FreeBSD.ORG
Subject: ipfw weirdness

Hi all

I have the following situation: I have a client behind my box running Exchange, and they are getting spammed to death. I want to disallow all incoming traffic to their box, but allow incoming traffic from their secondaries only; the secondaries are not getting spammed at this moment.

I am running an ipfw / natd combination. My default ruleset is allow all.

I run the command

    ipfw add allow 200 tcp from 196.x.x.x to 196.x.x.y 25

and it effectively blocks everything coming from anywhere even though I have just allowed it. If I remove the rule, it works fine again.

If I run the rule

    ipfw add 200 deny tcp from not 196.x.x.x to 196.x.x.y 25

it works on the port, but blocks all other traffic, which is not what I had in mind.

What am I overlooking here?

Help

Mark