removing ipfw rules
Ian Smith
smithi at nimnet.asn.au
Fri Dec 28 06:18:33 PST 2007
On Fri, 28 Dec 2007 02:21:54 +0200 Giorgos Keramidas <keramida at ceid.upatras.gr> wrote:
> On 2007-12-27 15:47, Noah <admin2 at enabled.com> wrote:
> > Hi,
> >
> > I have two ipfw rules that I want to remove. They are viewable with the
> > "ipfw show" command
> >
> >
> > --- snip ---
> >
> > 06600 0 0 allow ip from any to any proto tcp src-ip
> > 66.66.66.66 dst-port 22
> > 06700 0 0 allow ip from any to any proto tcp src-ip
> > 66.66.66.66 dst-port 22
> >
> > --- snip ----
> >
> > I am typing the command "/sbin/ipfw -q delete pass proto tcp src-ip
> > 66.66.66.66 dst-port 22"
> >
> > but both lines remain. What am I doing wrong?
>
> There are differences between the visible rule:
>
> allow ip from any to any proto tcp src-ip 66.66.66.66 dst-port 22
>
> and the one you are trying to delete:
>
> pass proto tcp src-ip 66.66.66.66 dst-port 22
>
> Having said that, can you try something simpler, i.e.
>
> ipfw -q delete 6600
> ipfw -q delete 6700
>
> This should work too, if I remember well enough the ipfw syntax.
You do, but deleting by rule number/s is the only way. ipfw(8):
ipfw [-q] {delete | zero | resetlog} [set] [number ...]
Of course Noah could find rule number/s to delete with something like
# ipfw delete `ipfw list | grep $somestring | awk '{print $1}'`
if he was, um, courageous :) Safer tested first with ipfw show ..
cheers, Ian
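The string-to-rule-number step Ian sketches, written out as an added example that is not from the thread; the function names are mine, and a constructed `ipfw list` sample stands in for the real command where ipfw is not installed.

```sh
#!/bin/sh
# Added example, not from the thread.  ipfw(8) deletes rules only by
# number, so "delete everything matching a string" is two steps: pick
# the numbers out of "ipfw list" (first column; "ipfw show" adds the
# counters after it, but the number is still column 1), review them,
# then hand the numbers to "ipfw delete".

# Constructed stand-in for "ipfw list" output, used when ipfw is absent
# so the functions can be exercised on any machine.
SAMPLE_RULES='00100 allow ip from any to any via lo0
06600 allow ip from any to any proto tcp src-ip 66.66.66.66 dst-port 22
06700 allow ip from any to any proto tcp src-ip 66.66.66.66 dst-port 22
65535 deny ip from any to any'

list_rules() {
    if command -v ipfw >/dev/null 2>&1; then ipfw list
    else printf '%s\n' "$SAMPLE_RULES"; fi
}

# rule_numbers PATTERN: read rule lines on stdin, print the numbers of
# those containing PATTERN, one per line, deduplicated.  grep -F treats
# PATTERN as a fixed string, so the dots in 66.66.66.66 are not regex
# wildcards that would also match unrelated rules.
rule_numbers() {
    grep -F -- "$1" | awk '{print $1}' | sort -u
}

# delete_matching PATTERN [dry]: refuse an empty pattern (it would match
# every rule), show the matching rules first (the "tested first" step),
# then delete them by number.  "dry" prints the command instead.
delete_matching() {
    pattern=$1
    mode=${2:-run}
    if [ -z "$pattern" ]; then
        echo "usage: delete_matching PATTERN [dry]" >&2
        return 2
    fi
    rules=$(list_rules)
    nums=$(printf '%s\n' "$rules" | rule_numbers "$pattern" | xargs echo)
    if [ -z "$nums" ]; then
        echo "no rule matches '$pattern'; nothing deleted" >&2
        return 1
    fi
    printf '%s\n' "$rules" | grep -F -- "$pattern"
    if [ "$mode" = dry ]; then
        echo "ipfw -q delete $nums"
    else
        ipfw -q delete $nums   # unquoted on purpose: one number per arg
    fi
}
```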