Syntax to block 38 IPs

Luigi Rizzo rizzo at
Fri Feb 6 10:13:28 PST 2004

On Fri, Feb 06, 2004 at 01:09:48PM -0500, Don Bowman wrote:
> deny ip from {,, ...} to any 

this is still inefficient. Better to use

	deny ip from{131,132,157,190,1,86} ...

which uses a bitmap to represent the list of hosts and has constant
processing time as opposed to having to scan a list.


> this uses IPFW2 I think.
> from the shell, remember to escape the { as \{.
> you could also send a RST i suppose, but just dropping it is
> best.
> _______________________________________________
> freebsd-ipfw at mailing list
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at"

More information about the freebsd-ipfw mailing list