Date: Wed, 3 Dec 2003 21:20:30 -0600 From: Chris <racerx@makeworld.com> To: iaccounts@northnetworks.ca Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw and ssh example Message-ID: <200312032120.30792.racerx@makeworld.com> In-Reply-To: <1070507627.416.90.camel@ptp.northnetworks.ca> References: <200312032055.58158.racerx@makeworld.com> <1070507627.416.90.camel@ptp.northnetworks.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 03 December 2003 09:13 pm, Steve Bertrand wrote: > On Wed, 2003-12-03 at 21:55, Chris wrote: > > Hiya folks. > > > > Please show me an example that I might use if I want to allow only one > > IP address into a box via ssh, yet deny all others. > > The following will allow ssh from 192.168.1.3 to your box in through the > 'rl0' interface, and deny all other ssh traffic to the box. > > # ipfw add 10 allow tcp from 192.168.1.3 to me 22 in via rl0 keep-state > # ipfw add 11 deny tcp from any to me 22 How about this: # ipfw add 10 allow tcp from 192.168.1.3-10 to me 22 in via rl0 keep-state Allowing a range of IP's? BTW - Thank you everyone. -- Best regards, Chris ______________________________________________________________________ PGP Fingerprint = D976 2575 D0B4 E4B0 45CC AA09 0F93 FF80 C01B C363 PGP Mail encouraged / preferred - keys available on common key servers ______________________________________________________________________ 01010010011000010110001101100101011100100101100000000000
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200312032120.30792.racerx>