IPFW blocking ip ranges
0 views
Skip to first unread message
Jos Chrispijn
Jun 7, 2024, 1:41:08 PMJun 7
to FreeBSD Mailing List
Can you tell me how to block in ipfw a
certain ip range in one line, like 1.184.192.0 - 1.184.255.255
Thanks.
Thanks.
Paul Procacci
Jun 7, 2024, 1:54:22 PMJun 7
to Jos Chrispijn, FreeBSD Mailing List
On Fri, Jun 7, 2024 at 1:41 PM Jos Chrispijn <jo...@cloudzeeland.nl> wrote:
Can you tell me how to block in ipfw a certain ip range in one line, like 1.184.192.0 - 1.184.255.255
Thanks.
Replace <rulenum> accordingly.
~Paul
--
__________________
:(){ :|:& };:
:(){ :|:& };:
Paul Procacci
Jun 7, 2024, 1:55:09 PMJun 7
to Jos Chrispijn, FreeBSD Mailing List
Brett Glass
Jun 7, 2024, 2:32:46 PMJun 7
to Jos Chrispijn, FreeBSD Mailing List
IPFW has the ability to block subnets (ranges that can be matched with
a
base address and bitmask), e.g. 1.184.192.0/18, with just one pattern within
a rule. Arbitrary ranges and discontiguous sets that can't be matched that
way can use:
* An "or block" (several patterns enclosed within braces and separated by "or");
* Multiple rules; or
* An "address set" (a subnet specification followed by a list of addresses within
a subnet that's /24 or smaller).
The IPFW man page gives a grammar and shows examples. Search for "addr-list"
within the page to find the right section.
--Brett
base address and bitmask), e.g. 1.184.192.0/18, with just one pattern within
a rule. Arbitrary ranges and discontiguous sets that can't be matched that
way can use:
* An "or block" (several patterns enclosed within braces and separated by "or");
* Multiple rules; or
* An "address set" (a subnet specification followed by a list of addresses within
a subnet that's /24 or smaller).
The IPFW man page gives a grammar and shows examples. Search for "addr-list"
within the page to find the right section.
--Brett
Reply all
Reply to author
Forward
0 new messages