Date: Wed, 3 Dec 2003 21:20:30 -0600 From: Chris <racerx@makeworld.com> To: iaccounts@northnetworks.ca Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw and ssh example Message-ID: <200312032120.30792.racerx@makeworld.com> In-Reply-To: <1070507627.416.90.camel@ptp.northnetworks.ca> References: <200312032055.58158.racerx@makeworld.com> <1070507627.416.90.camel@ptp.northnetworks.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 03 December 2003 09:13 pm, Steve Bertrand wrote:
> On Wed, 2003-12-03 at 21:55, Chris wrote:
> > Hiya folks.
> >
> > Please show me an example that I might use if I want to allow only one
> > IP address into a box via ssh, yet deny all others.
>
> The following will allow ssh from 192.168.1.3 to your box in through the
> 'rl0' interface, and deny all other ssh traffic to the box.
>
> # ipfw add 10 allow tcp from 192.168.1.3 to me 22 in via rl0 keep-state
> # ipfw add 11 deny tcp from any to me 22
How about this:
# ipfw add 10 allow tcp from 192.168.1.3-10 to me 22 in via rl0 keep-state
Allowing a range of IP's?
BTW - Thank you everyone.
--
Best regards,
Chris
______________________________________________________________________
PGP Fingerprint = D976 2575 D0B4 E4B0 45CC AA09 0F93 FF80 C01B C363
PGP Mail encouraged / preferred - keys available on common key servers
______________________________________________________________________
01010010011000010110001101100101011100100101100000000000
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200312032120.30792.racerx>