ipfw and ssh example
Steve Bertrand
iaccounts at northnetworks.ca
Wed Dec 3 20:40:21 PST 2003
> How about this:
> # ipfw add 10 allow tcp from 192.168.1.3-10 to me 22 in via rl0 keep-state
>
Sure, but the question was 1 IP. With IPFW2 (after July 2002), you can
even do this:
safenets="{ 192.168.1.0/24 or 192.168.2.0/24 or 10.0.2.0/24 }"
$cmd 20 allow tcp from $safenets to me 22 in via rl0 keep-state
$cmd 21 deny tcp from any to me 22
Which would allow all computers from all three subnets, saving you from
writing rules for each subnet.
Steve
> Allowing a range of IP's?
>
> BTW - Thank you everyone.
--
Steve Bertrand
President/CTO,
Northumberland Network Services
t: 905.352.2688
w: www.northnetworks.ca
More information about the freebsd-ipfw
mailing list