ipfw syntax clarification
Date: Wed, 29 Dec 2021 23:32:15 UTC
We have a FBSD firewall/gateway/natd server on the perimeter of one of our networks. We have an ipfw table that is loaded with pesky IPs like this:

    ipfw add deny all from table\(10\) to any via ${OIF}

This does block traffic which originates from those IPs to our server. However, it also prevents our server from originating requests TO those IPs.

This is an issue because some of the table entries are CIDR blocks intended to geoblock known problem areas. However, it's sometimes desirable to, say, connect to a web server within one of those CIDR blocks.

How/can the rule above be modified to let no one in the table connect to or ping the server, but still allow the server to connect to something in the forbidden blocks/IPs?

TIA!

--
----------------------------------------------------------------------------
Tim Daneliuk tundra@tundraware.com
PGP Key: http://www.tundraware.com/PGP/