Date: Tue, 1 Apr 2003 10:48:37 +0200 From: =?iso-8859-1?Q?Sten_Daniel_S=F8rsdal?= <sten.daniel.sorsdal@wan.no> To: <freebsd-questions@freebsd.org> Subject: IPFW stateful deny question Message-ID: <0AF1BBDF1218F14E9B4CCE414744E70F07DE81@exchange.wanglobal.net>
next in thread | raw e-mail | index | archive | help
This one is for the archives. If anyone would donate their time to replying to this one, It would be = appreciated.=20 Im trying to setup a firewall that for a time-limited period block IP's = that send packets to specified ports. After time has expired the ip will be allowed again. With this setup; ipfw add 100 check-state ipfw add 1000 skipto 2000 tcp from any to any 445 ... ipfw add 2000 deny ip from any to any keep-state ... Would this setup a stateful block against that IP address, blocking all = IP traffic from that particularly evil ip Or would it just match the specifics? Would I have to do this instead to = achieve this? ipfw add 100 check-state ipfw add 1000 skipto 2000 tcp from any to any 445 keep-state ... ipfw add 2000 deny ip from any to any ... - Sten
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0AF1BBDF1218F14E9B4CCE414744E70F07DE81>