Date: Mon, 10 Dec 2001 23:14:08 +0000 From: Mike D <d01f1n@yahoo.com> To: freebsd-security@FreeBSD.ORG Subject: Re: ICMP from within only Message-ID: <20011210231442.DTMS3849.mta06-svc.ntlworld.com@there> In-Reply-To: <Pine.BSF.4.33.0112100100570.32121-100000@mail.af-inet.net> References: <Pine.BSF.4.33.0112100100570.32121-100000@mail.af-inet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Allows YOU to ping, and run traceroute. > $fwcmd add <number> allow icmp from any to <IP> via <device> icmptypes > 0,3,11 > > Denies others to ping you. > $fwcmd add <number> deny icmp from any to <IP> via <device> icmptypes 0,8 > > Allows pinging etc, from your personal network. > $fwcmd add <number> allow icmp from <internal network> to <internal IP> via > <device> icmptypes 0,8 the problem is that I have a dynamically assigned IP address, what could you suggest for this? Shall I just do the rule for 123.123.*? (123.123 being the first 2 numbers of the DHCP range) Thanks again in advance! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011210231442.DTMS3849.mta06-svc.ntlworld.com>