From owner-freebsd-ipfw@FreeBSD.ORG Fri Mar 4 21:20:00 2005 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2732616A4CE for ; Fri, 4 Mar 2005 21:20:00 +0000 (GMT) Received: from hermes.niicommunications.com (hermes.niicommunications.com [207.207.35.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8F3C243D46 for ; Fri, 4 Mar 2005 21:19:59 +0000 (GMT) (envelope-from jhunt@akula.org) Received: from ASSP-nii (localhost.niicommunications.com [127.0.0.1]) id j24LJwti044538; Fri, 4 Mar 2005 15:19:59 -0600 (CST) Received: from 207.207.35.35 ([207.207.35.35] helo=[192.168.2.5]) by ASSP-nii ; 4 Mar 05 21:19:58 -0000 User-Agent: Microsoft-Entourage/11.0.0.040405 Date: Fri, 04 Mar 2005 15:19:57 -0600 From: Jason Hunt To: sn1tch Message-ID: In-Reply-To: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit cc: freebsd-ipfw@freebsd.org Subject: Re: Quick Firewall Question X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Mar 2005 21:20:00 -0000 Thanks, I will give it a shot.. > From: sn1tch > Reply-To: sn1tch > Date: Fri, 4 Mar 2005 16:17:07 -0500 > To: Jason Hunt > Cc: > Subject: Re: Quick Firewall Question > > you could try: > > $oip = outside IP > $oif = outside interface > > ipfw add deny all from any to $oip 80 in via $oif > > or whatever port > > > On Fri, 04 Mar 2005 15:13:18 -0600, Jason Hunt wrote: >> Chuck, >> >> Thanks for your quick response. What I really need to do is to block >> specific ports on my outside interface NIC. In fact, I need to keep the 2nd >> NIC which is internal open to those ports. >> >>> From: Charles Swiger >>> Date: Fri, 4 Mar 2005 16:09:17 -0500 >>> To: Jason Hunt >>> Cc: >>> Subject: Re: Quick Firewall Question >>> >>> On Mar 4, 2005, at 4:01 PM, Jason Hunt wrote: >>>> Greetings, >>>> >>>> I have a machine that I need to quickly block outside access to (just >>>> internal access from 2nd NIC). Is there any quick examples of how I >>>> can add >>>> a rule to specifically block a port on specific IP? >>> >>> ipfw add 100 deny tcp from 1.2.3.4 any to 192.168.1.2 11 >>> >>> This will block connections from IP 1.2.3.4 to your host's port 11, >>> assuming your local IP was 192.168.1.2 >>> >>> -- >>> -Chuck >>> >>> >> >> _______________________________________________ >> freebsd-ipfw@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >> > > > -- > You've officially been Gmailed > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >