IPFW stateful deny question
Sten Daniel Sørsdal
sten.daniel.sorsdal at wan.no
Tue Apr 1 00:48:47 PST 2003
This one is for the archives.
If anyone would donate their time to replying to this one, It would be appreciated.
Im trying to setup a firewall that for a time-limited period block IP's that send packets to specified ports.
After time has expired the ip will be allowed again.
With this setup;
ipfw add 100 check-state
ipfw add 1000 skipto 2000 tcp from any to any 445
...
ipfw add 2000 deny ip from any to any keep-state
...
Would this setup a stateful block against that IP address, blocking all IP traffic from that particularly evil ip
Or would it just match the specifics? Would I have to do this instead to achieve this?
ipfw add 100 check-state
ipfw add 1000 skipto 2000 tcp from any to any 445 keep-state
...
ipfw add 2000 deny ip from any to any
...
- Sten
More information about the freebsd-questions
mailing list