From owner-freebsd-questions  Mon Jun  4 11:57:45 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83])
	by hub.freebsd.org (Postfix) with ESMTP id 6443737B401
	for <questions@FreeBSD.ORG>; Mon,  4 Jun 2001 11:57:37 -0700 (PDT)
	(envelope-from nick@rogness.net)
Received: from localhost (nick@localhost)
	by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f54KFtK88266;
	Mon, 4 Jun 2001 15:15:56 -0500 (CDT)
	(envelope-from nick@rogness.net)
Date: Mon, 4 Jun 2001 15:15:55 -0500 (CDT)
From: Nick Rogness <nick@rogness.net>
X-Sender: nick@cody.jharris.com
To: andy t <g_et1@hotmail.com>
Cc: questions@FreeBSD.ORG
Subject: Re: firewall ?
In-Reply-To: <F127TebfJpbi7Phnzia0000cd17@hotmail.com>
Message-ID: <Pine.BSF.4.21.0106041508220.87716-100000@cody.jharris.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Mon, 4 Jun 2001, andy t wrote:

> Hi,
> 

> my machine has 3 ips and everything is firewall, so that there is no
> cnnection in/out. how to make 1 ip only enable to in/out and the rest
> of ips are blocked ?

	Since you didn't submit enough info, I will make assumptions about
	your setup.  Nevertheless, here is an ipfw ruleset:

	ipfw add 1000 allow ip from X.X.X.X to any
	ipfw add 1001 allow ip from any to X.X.X.X
	ipfw add 2000 deny ip from any to any


Nick Rogness <nick@rogness.net>
 - Keep on Routing in a Free World...
  "FreeBSD: The Power to Serve!"



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message