Date: Wed, 24 May 1995 12:52:04 -0400 (EDT) From: Network Coordinator <nc@ai.net> To: questions@FreeBSD.org Subject: IPFW - Docs?/Questions? Message-ID: <Pine.BSF.3.91.950524124821.372A-100000@aries.ai.net>
next in thread | raw e-mail | index | archive | help
I have been tinkering with IPFW as of late noticing that occassionally someone out there tries to ping -f a system or two over here. What I would ideally like to do is deny all icmp packets from the world as a general rule, but allow them from particular networks or hosts. For example ipfw addf deny icmp from 255.255.255.255/32 to 198.69.44.1 ipfw addf log icmp from 128.220.59.78/24 to 198.69.44.1 are both accepted commands and such. ipfw even reports the first as being a deny from 255.255.255.255:255.255.255.255 yet it does not work. When I specify particular class B addresses [/24] there is no problem, and everything works great. I do not want to change the world-policy to deny because that would also deny tcp and udp connects which I would prefer not to do. Any ideas on how to go about this? Thanks, -Jerry.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.950524124821.372A-100000>