Quick Firewall Question

[Jason Hunt]

Thanks, I will give it a shot..



> From: sn1tch <dot.sn1tch at gmail.com>
> Reply-To: sn1tch <dot.sn1tch at gmail.com>
> Date: Fri, 4 Mar 2005 16:17:07 -0500
> To: Jason Hunt <jhunt at akula.org>
> Cc: <freebsd-ipfw at freebsd.org>
> Subject: Re: Quick Firewall Question
> 
> you could try:
> 
> $oip = outside IP
> $oif = outside interface
> 
> ipfw add deny all from any to $oip 80 in via $oif
> 
> or whatever port
> 
> 
> On Fri, 04 Mar 2005 15:13:18 -0600, Jason Hunt <jhunt at akula.org> wrote:
>> Chuck,
>> 
>> Thanks for your quick response.  What I really need to do is to block
>> specific ports on my outside interface NIC.  In fact, I need to keep the 2nd
>> NIC which is internal open to those ports.
>> 
>>> From: Charles Swiger <cswiger at mac.com>
>>> Date: Fri, 4 Mar 2005 16:09:17 -0500
>>> To: Jason Hunt <jhunt at akula.org>
>>> Cc: <freebsd-ipfw at freebsd.org>
>>> Subject: Re: Quick Firewall Question
>>> 
>>> On Mar 4, 2005, at 4:01 PM, Jason Hunt wrote:
>>>> Greetings,
>>>> 
>>>> I have a machine that I need to quickly block outside access to (just
>>>> internal access from 2nd NIC).  Is there any quick examples of how I
>>>> can add
>>>> a rule to specifically block a port on specific IP?
>>> 
>>> ipfw add 100 deny tcp from 1.2.3.4 any to 192.168.1.2 11
>>> 
>>> This will block connections from IP 1.2.3.4 to your host's port 11,
>>> assuming your local IP was 192.168.1.2
>>> 
>>> --
>>> -Chuck
>>> 
>>> 
>> 
>> _______________________________________________
>> freebsd-ipfw at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
>> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
>> 
> 
> 
> -- 
> You've officially been Gmailed
> _______________________________________________
> freebsd-ipfw at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
>