From owner-freebsd-questions Wed Dec 30 00:32:18 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA19978 for freebsd-questions-outgoing; Wed, 30 Dec 1998 00:32:18 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from dns1.briang.org (c879583-a.ptbrg1.sfba.home.com [24.1.88.78] (may be forged)) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA19965 for ; Wed, 30 Dec 1998 00:32:12 -0800 (PST) (envelope-from brian@briang.org) Received: from brian-desktop (brian-desktop.briang.org [192.168.0.40]) by dns1.briang.org (8.9.1/8.9.1) with SMTP id BAA00354 for ; Wed, 30 Dec 1998 01:39:23 -0800 (PST) Message-ID: <000401be33cf$58126540$2800a8c0@brian-desktop.briang.org> Reply-To: "Brian Gallucci" From: "Brian Gallucci" To: "FreeBSD" Subject: IPFW Date: Wed, 30 Dec 1998 00:35:23 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm running FreeBSD 2.2.7 with IPFW and NATD Support and I need to block access to our network would I ALLOW it and then add a DENY line ? Like so -> $fwcmd -f flush $fwcmd add divert 6668 all from any to any via fxp0 # $fwcmd add 100 pass all from any to any via lo0 $fwcmd add 200 deny log all from any to 127.0.0.0/8 # $fwcmd add pass tcp from any to any established $fwcmd add allow tcp from any to any 25 $fwcmd add allow tcp from any to any 53 $fwcmd add allow udp from any to any 53 $fwcmd add allow tcp from any to any 80 $fwcmd add allow tcp from any to any 113 # $fwcmd add deny log tcp from any to any $fwcmd add deny log udp from any to any $fwcmd add deny log tcp from 24.0.0.0/8 to any If I try to to use port 5500 to access another network I get a error message deny < $fwcmd add deny log tcp from any to any > why is this ? I have the established set, Thanks -Brian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message