IPFW rules


sathiyaraj v

Apr 22, 2016, 12:10:02 PM
to ques...@freebsd.org
Hi Team,

I want to understand the IP firewall rules. Consider the below
rule

ipfw allow tcp/udp from any to me

What will this rule do? What does "me" refer to here? Is it the IP address of my
system that applies the firewall rules, or the MAC address of the interface?

I am using 4.2 freebsd stack.

I am trying to deny the packets which don't contain the IP and port of my
destination.

My source IP is 171.21.47.100
My Destination IP is : 171.21.47.128

I want to deny the tcp/udp packets which do not contain the destination IP.
What rule should I use to deny the packets?

I have already tried to configure the flags ACCEPT, DSTMSK, dstip and port
number as well, but the packets are not getting dropped.
Can you please help me to achieve the above scenario? What flag do I need to
set to achieve this?

If you want the source code of my rule setting, I can share it.

Thanks in advance.

Sathya.
_______________________________________________
freebsd-...@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questi...@freebsd.org"

Odhiambo Washington

Apr 22, 2016, 3:17:02 PM
to sathiyaraj v, questions
On 22 April 2016 at 19:09, sathiyaraj v <sathiy...@gmail.com> wrote:

> Hi Team,
>
> I want to understand the IP firewall rules. Consider the below
> rule
>
> ipfw allow tcp/udp from any to me


> What will this rule do? What does "me" refer to here? Is it the IP address of my
> system that applies the firewall rules, or the MAC address of the interface?
>

It will allow all packets from the wild destined to your IP address. Your
public IP address in this case. Assuming you do not need to protect your
host from your LAN hosts.


>
> I am using 4.2 freebsd stack.
>

I don't know what that is, sorry. Is it FreeBSD 4.2 or IPFW version?


>
> I am trying to deny the packets which don't contain the IP and port of my
> destination.
>

You do not have to worry about those. They will NOT reach your host if they
don't contain its IP address!



>
> My source IP is 171.21.47.100
> My Destination IP is : 171.21.47.128
>

What does that mean? Is .128 your default gateway or another host on the
same subnet you want to reach from .100?



>
> I want to deny the tcp/udp packets which do not contain the destination IP.
>

Wuah!


> What rule should I use to deny the packets?
>

ipfw deny tcp/udp from any to !171.21.47.128


>
> I have already tried to configure the flags ACCEPT, DSTMSK, dstip and port
> number as well, but the packets are not getting dropped.
> Can you please help me to achieve the above scenario? What flag do I need to
> set to achieve this?
>
> If you want the source code of my rule setting, I can share it.
>
>
You really must RTFM.


--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."
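To make the two points in this thread concrete (that `me` expands to the IP addresses configured on the ipfw host, not a MAC address, and that `deny ... to !171.21.47.128` drops anything whose destination is not that address), here is a small first-match evaluator written for this page. It is an added example, not ipfw code and not from either poster: it models only the `action proto from src to dst [dport]` subset of the rule syntax, assumes 171.21.47.128 is the host running ipfw (so that is what `me` resolves to), assumes the stock default-deny rule 65535, and approximates ipfw's automatic rule numbering with steps of 100.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Addresses configured on the firewall host. Constructed for this example:
# the thread's .128 destination is assumed to be the host running ipfw,
# which is exactly the set of addresses the "me" keyword matches.
ME = {ipaddress.ip_address("171.21.47.128"), ipaddress.ip_address("127.0.0.1")}

# Rule 65535 is the kernel's built-in last rule; the FreeBSD default is deny.
DEFAULT_RULE = (65535, "deny")


@dataclass
class Packet:
    proto: str      # "tcp", "udp", "icmp", ...
    src: str        # source IPv4 address
    dst: str        # destination IPv4 address
    dport: int = 0  # destination port (0 for protocols without ports)


@dataclass
class Rule:
    number: int
    action: str
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None  # None means "any port"


def addr_matches(spec: str, addr: str) -> bool:
    """Match an address spec: any, me, a CIDR/host, each optionally negated with '!'."""
    negate = spec.startswith("!")
    if negate:
        spec = spec[1:]
    ip = ipaddress.ip_address(addr)
    if spec == "any":
        hit = True
    elif spec == "me":
        hit = ip in ME   # interface addresses, never MAC addresses
    else:
        hit = ip in ipaddress.ip_network(spec, strict=False)
    return hit != negate


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    if rule.proto != "ip" and rule.proto != pkt.proto:
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    return addr_matches(rule.src, pkt.src) and addr_matches(rule.dst, pkt.dst)


def parse_rule(text: str, auto_number: int) -> Rule:
    """Parse '[ipfw] [add] [N] action proto from src to dst [dport]' (modelled subset)."""
    toks = text.split()
    if toks and toks[0] == "ipfw":
        toks.pop(0)
    if toks and toks[0] == "add":
        toks.pop(0)
    number = int(toks.pop(0)) if toks[0].isdigit() else auto_number
    if len(toks) < 6 or toks[2] != "from" or toks[4] != "to":
        raise ValueError("expected: action proto from src to dst [dport]: " + text)
    dport = int(toks[6]) if len(toks) > 6 else None
    return Rule(number, toks[0], toks[1], toks[3], toks[5], dport)


def build_ruleset(lines: List[str]) -> List[Rule]:
    rules: List[Rule] = []
    for line in lines:
        next_number = (rules[-1].number + 100) if rules else 100  # approximation
        rules.append(parse_rule(line, next_number))
    return sorted(rules, key=lambda r: r.number)


def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[int, str]:
    """First matching rule wins; fall through to the built-in default rule."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return (rule.number, rule.action)
    return DEFAULT_RULE


# The ruleset from the thread, with the single-protocol form of each rule.
RULES = build_ruleset([
    "ipfw add 100 allow tcp from any to me",
    "ipfw add 200 allow udp from any to me",
    "ipfw add 300 deny tcp from any to !171.21.47.128",
    "ipfw add 400 deny udp from any to !171.21.47.128",
])

if __name__ == "__main__":
    for pkt in (Packet("tcp", "171.21.47.100", "171.21.47.128", 22),
                Packet("udp", "171.21.47.100", "171.21.47.200", 53),
                Packet("icmp", "171.21.47.100", "171.21.47.128")):
        print(pkt, "->", evaluate(RULES, pkt))
```

Run it and the three sample packets show the three outcomes that matter here: traffic to the host's own address is accepted by the `to me` rule, traffic to any other address falls to the negated deny rule, and a protocol no rule mentions lands on the default rule. Note that a packet for a different destination only traverses these rules at all if the host forwards or bridges it; as the reply says, otherwise it never reaches the host.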