ipfw and ssh example

Chris racerx at makeworld.com
Wed Dec 3 19:50:54 PST 2003


On Wednesday 03 December 2003 09:20 pm, Chris wrote:
> On Wednesday 03 December 2003 09:13 pm, Steve Bertrand wrote:
> > On Wed, 2003-12-03 at 21:55, Chris wrote:
> > > Hiya folks.
> > >
> > > 	Please show me an example that I might use if I want to allow only one
> > > IP address into a box via ssh, yet deny all others.
> >
> > The following will allow ssh from 192.168.1.3 to your box in through the
> > 'rl0' interface, and deny all other ssh traffic to the box.
> >
> > # ipfw add 10 allow tcp from 192.168.1.3 to me 22 in via rl0 keep-state
> > # ipfw add 11 deny tcp from any to me 22
>
> How about this:
> # ipfw add 10 allow tcp from 192.168.1.3-10 to me 22 in via rl0 keep-state
>
> Allowing a range of IPs?

Never mind folks - Here's my end result.
 ${fwcmd} add 61200 allow log tcp from 200.200.200.0/24 to ${ip} 22 keep-state
 ${fwcmd} add 61210 deny log tcp from any to any 22

Thanks again to all that helped out.
-- 

Best regards,
                 Chris
______________________________________________________________________

PGP Fingerprint = D976 2575 D0B4 E4B0 45CC AA09 0F93 FF80 C01B C363

PGP Mail encouraged / preferred - keys available on common key servers
______________________________________________________________________
       01010010011000010110001101100101011100100101100000000000
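
An added example, not part of the original message: a Python sketch that rewrites the address range asked about above (192.168.1.3 through 192.168.1.10) as CIDR blocks, the notation the final rules use, and builds one allow rule per block followed by the deny rule. The function names and the rule numbers past 10 are assumptions made for this illustration; the rule text follows the rules quoted in the thread.

```python
import ipaddress


def range_to_cidrs(first, last):
    """Smallest list of CIDR blocks covering first..last and nothing else."""
    lo = ipaddress.IPv4Address(first)
    hi = ipaddress.IPv4Address(last)
    # summarize_address_range raises ValueError if first is above last.
    return list(ipaddress.summarize_address_range(lo, hi))


def ssh_rules(first, last, iface="rl0", start=10, fwcmd="ipfw"):
    """Build the ipfw commands: allow ssh from the range, deny all other ssh.

    ipfw evaluates rules in rule-number order and the first match wins, so
    every allow rule gets a lower number than the final deny rule.
    """
    rules = []
    num = start
    for net in range_to_cidrs(first, last):
        # Write single hosts without the /32 suffix, as in the thread.
        src = str(net.network_address) if net.prefixlen == 32 else str(net)
        rules.append(
            f"{fwcmd} add {num} allow tcp from {src} to me 22 "
            f"in via {iface} keep-state"
        )
        num += 1
    rules.append(f"{fwcmd} add {num} deny tcp from any to me 22")
    return rules


def covered_hosts(first, last):
    """Every address the generated allow rules admit, for a sanity check."""
    hosts = set()
    for net in range_to_cidrs(first, last):
        hosts.update(str(addr) for addr in net)
    return hosts


if __name__ == "__main__":
    # Review the output before loading it into the firewall.
    for line in ssh_rules("192.168.1.3", "192.168.1.10"):
        print(line)
```
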




More information about the freebsd-ipfw mailing list