Date: Wed, 03 Dec 2003 23:39:53 -0500 From: Steve Bertrand <iaccounts@northnetworks.ca> To: Chris <racerx@makeworld.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw and ssh example Message-ID: <1070512792.416.109.camel@ptp.northnetworks.ca> In-Reply-To: <200312032120.30792.racerx@makeworld.com> References: <200312032055.58158.racerx@makeworld.com> <1070507627.416.90.camel@ptp.northnetworks.ca> <200312032120.30792.racerx@makeworld.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> How about this:
> # ipfw add 10 allow tcp from 192.168.1.3-10 to me 22 in via rl0 keep-state
>
Sure, but the question was 1 IP. With IPFW2 (after July 2002), you can
even do this:
safenets="{ 192.168.1.0/24 or 192.168.2.0/24 or 10.0.2.0/24 }"
$cmd 20 allow tcp from $safenets to me 22 in via rl0 keep-state
$cmd 21 deny tcp from any to me 22
Which would allow all computers from all three subnets, saving you from
writing rules for each subnet.
Steve
> Allowing a range of IP's?
>
> BTW - Thank you everyone.
--
Steve Bertrand
President/CTO,
Northumberland Network Services
t: 905.352.2688
w: www.northnetworks.ca
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1070512792.416.109.camel>