IPFW closing range of ports
Matthew Walker
drinking.coffee at gmail.com
Mon Oct 19 21:30:09 UTC 2009
You could starve it by using a pipe, allocate 16 kbit/sec. Then
technically you aren't blocking it.
ipfw add 1000 pipe 10 tcp from any to any 14500-65535 out
ipfw pipe 10 config bw 16k queue 100 mask dst-ip 0xff000000
Otherwise, you can block the ports:
ipfw add 1000 deny tcp from any to any 14500-65535 out
Depends on how much of a BOFH mood your are in that day.
-- Matthew
PeterJJ wrote:
> I'm new to this, so go easy please.
>
> I have put in place a very basic ipfw ruleset in my place of employment.
> To this i have been asked to block out all peer to peer sharing to ports in
> the range of 14500-65000.
>
>
More information about the freebsd-ipfw
mailing list