Syntax to block 38 IPs
Luigi Rizzo
rizzo at icir.org
Fri Feb 6 10:13:28 PST 2004
On Fri, Feb 06, 2004 at 01:09:48PM -0500, Don Bowman wrote:
...
> deny ip from { 209.102.202.131, 209.102.202.132, ...} to any
this is still inefficient. Better to use
deny ip from 209.102.202.0/24{131,132,157,190,1,86} ...
which uses a bitmap to represent the list of hosts and has constant
processing time as opposed to having to scan a list.
cheers
luigi
> this uses IPFW2 I think.
>
> from the shell, remember to escape the { as \{.
>
> you could also send a RST i suppose, but just dropping it is
> best.
>
> _______________________________________________
> freebsd-ipfw at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
More information about the freebsd-ipfw
mailing list