Date: Thu, 19 Feb 2004 09:52:21 +0100 From: Alex de Kruijff <freebsd@akruijff.dds.nl> To: Saint Aardvark the Carpeted <aardvark@saintaardvarkthecarpeted.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: IPFW rules Message-ID: <20040219085221.GB995@alex.lan> In-Reply-To: <20040218044609.GG2197@hardesty.saintaardvarkthecarpeted.com> References: <000701c3f597$f4a53380$3501a8c0@peter> <20040218044609.GG2197@hardesty.saintaardvarkthecarpeted.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Articles based on solutions that I use: http://www.kruijff.org/alex/index.php?dir=docs/FreeBSD/ On Tue, Feb 17, 2004 at 08:46:09PM -0800, Saint Aardvark the Carpeted wrote: > Peter Rosa disturbed my sleep to write: > > please what's the difference between this ipfw rules: > > > > ${fwcmd} add 63000 deny ip from any to 0.0.0.255:0.0.0.255 in via ${oif} > > This denies broadcasts coming in to your machine through the outside > interface. The rule number is specified here, and it's rather high; if > it's not stopping the traffic you think it should, there may be another > rule earlier that's allowing it through. > > I'm not certain, but I think the address "0.0.0.255:0.0.0.255" means > "anything ending in .255" It just an invalid IP adress. At least the first tree number have to be zero. The invalid IP adress 0.0.0.0 is usaly used by DHCP server (and maybe clients). This value can be used to filther that without fithering anything. Alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040219085221.GB995>