freebsd-ipfw Digest, Vol 270, Issue 1
Raffaele De Lorenzo
raffaele.delorenzo at libero.it
Sat Jun 21 10:31:13 UTC 2008
The "Neighbor Advertisement" messages are used for routing purples by
the Neighbor Discovery Protocol..
The standard SSH port is 22
The standard Telnet port is 23
(ipfw add deny tcp from XXX:XXX:XX to any dst-port 22,23 via YYY)
these rules refer to IPFW not IP6FW. You must use IPFW.
cheers
Raffaele
On 19/giu/08, at 04:04, Edwin Sanjoto wrote:
> Thanks Raffaele, It works...
>
> another question that i want to ask is, what is the using of
> "Neighbor Advertisement" which is icmptypes 136?
>
> LAst question:
> I don't know the rules to block ssh and telnet. I've already done
> this:
> $cmd6 00503 allow tcp from 2001::6:111 to any 22,23 in via ed0
> $cmd6 00504 deny tcp from any to any 22,23 in via ed0
>
>
> But after i display the ip6fw list, i didn't find the rules for
> blocking ssh and telnet.
>
>
> Regards,
>
> EDWIN Sanyoto
> (berlowin at yahoo.com)
>
>
> ----- Original Message ----
> From: Raffaele De Lorenzo <raffaele.delorenzo at libero.it>
> To: Edwin Sanjoto <berlowin at yahoo.com>
> Cc: freebsd-ipfw at freebsd.org
> Sent: Tuesday, June 17, 2008 2:37:17 PM
> Subject: Re: freebsd-ipfw Digest, Vol 270, Issue 1
>
> Hi,
> I see From [RFC4861] the icmpv6 type 136 is still used for "Neighbor
> Advertisement" messagges
>
> 136 Neighbor Advertisement [RFC4861]
>
> You must modify your ipfw IPv6 rules... see this URL for all
> informations:
>
> http://www.iana.org/assignments/icmpv6-parameters
>
> Anyway the "echo request" message type is 128 and the "echo reply"
> message type is 129.
>
>
>
> Cheers
>
> Raffaele
>
>
>
More information about the freebsd-ipfw
mailing list