counting (not) blocks of IPs in ipfw - please help

Gilberto Villani Brito linux at giboia.org
Tue Jul 11 18:27:03 UTC 2006


Try:
ipfw add 00100 count ip from not {10.20.0.0/16,10.30.0.0/16} to any via em0 in

Gilberto

2006/7/10, Ensel Sharon <user at dhp.com>:
>
> I can't seem to get ipfw to handle a rule like this:
>
>
> ipfw add 00100 count ip from any not { 10.20.0.0/16 or 10.30.0.0/16 } to any via em0 in
>
> The error is:
>
> ipfw: missing ``to''
> ipfw: unrecognised option [-1] 10.20.0.0/16
>
>
>
> So if I remove the curlys and try just one IP block:
>
> ipfw add 00100 count ip from any not 10.20.0.0/16 to any via em0 in
>
> The error is:
>
> ipfw: invalid separator <.> in <10.20.0.0/16>
>
>
> Any help appreciated.  Thanks.

