Date: Wed, 03 Dec 2003 23:39:53 -0500 From: Steve Bertrand <iaccounts@northnetworks.ca> To: Chris <racerx@makeworld.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw and ssh example Message-ID: <1070512792.416.109.camel@ptp.northnetworks.ca> In-Reply-To: <200312032120.30792.racerx@makeworld.com> References: <200312032055.58158.racerx@makeworld.com> <1070507627.416.90.camel@ptp.northnetworks.ca> <200312032120.30792.racerx@makeworld.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> How about this: > # ipfw add 10 allow tcp from 192.168.1.3-10 to me 22 in via rl0 keep-state > Sure, but the question was 1 IP. With IPFW2 (after July 2002), you can even do this: safenets="{ 192.168.1.0/24 or 192.168.2.0/24 or 10.0.2.0/24 }" $cmd 20 allow tcp from $safenets to me 22 in via rl0 keep-state $cmd 21 deny tcp from any to me 22 Which would allow all computers from all three subnets, saving you from writing rules for each subnet. Steve > Allowing a range of IP's? > > BTW - Thank you everyone. -- Steve Bertrand President/CTO, Northumberland Network Services t: 905.352.2688 w: www.northnetworks.ca
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1070512792.416.109.camel>