Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct????

• Previous message: zk: "Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct ????"
• In reply to: zk: "Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct ????"
• Next in thread: Brett Glass: "Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct????"
• Reply: Brett Glass: "Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct????"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <freebsd-security@freebsd.org>
Date: Sun, 28 Dec 2003 08:38:45 +1000

Hi,
Thanks. I was only running ipfw, not ipfw2. Put ipfw2 in place and all probelms solved.

cheers
Robert
  ----- Original Message -----
  From: zk
  To: freebsd-security@freebsd.org
  Sent: Saturday, December 27, 2003 9:55 PM
  Subject: Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct????

  On Wed, Dec 24, 2003 at 02:09:12PM +1000, Robert Chalmers wrote:
> The man page gives this example, however, when I attempt to use it, it seems
> to block the whole set?
>
> Could someone tell me what's going wrong here please. Thanks heaps..
>
> This works,
> ${fwcmd} add deny log all from any to 203.1.96.1 in via ${oif}
>
> This blocks the whole IP block, not just the list?
> ${fwcmd} add deny log all from any to 203.1.96.0/24{2,6-25,27-154,156-19 9,204-254} in via ${oif}
>

  Do you use ipfw2?
  It's not default on FreeBSD 4.x systems.
  And maybe you should quote {}
  ${fwcmd} add deny log all from any to '203.1.96.0/24{2,6-25,27-154,156-199,204-254}' (...)

  zk
  _______________________________________________
  freebsd-security@freebsd.org mailing list
  http://lists.freebsd.org/mailman/listinfo/freebsd-security
  To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: zk: "Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct ????"
• In reply to: zk: "Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct ????"
• Next in thread: Brett Glass: "Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct????"
• Reply: Brett Glass: "Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct????"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: address specified as 1.2.3.4/24{128,35-55,89} Is this Correct ???? ... Do you use ipfw2? ... It's not default on FreeBSD 4.x systems. ... And maybe you should quote ... To unsubscribe, ... (FreeBSD-Security) RE: Bridging and IPFW ... No impact whatsoever! ... >>According to what I have read, using ipfw2 I should now be able to ... >>properly filter by MAC address..so I wrote up some rules! ... To unsubscribe, ... (freebsd-questions) Re: Best way to filter "Nachi pings"? ... On Mon, 27 Oct 2003, Jarkko Santala wrote: ... So, using IPFW2, a rule to block the nachi ping would look like: ... Speednet Communications ... To unsubscribe, ... (FreeBSD-Security) Denying Multiple login in samba with ipfw2 ... Can i deny multiple login with the same username in samba using ipfw2? ... RdBSD ... IT Staff ... To unsubscribe, ... (freebsd-questions) Re: unicast octets statistics ... ifInOctets counts broadcasts too. ... I finished with ipfw2, thank you all. ... Eugene ... To unsubscribe, ... (freebsd-net)