counting (not) blocks of IPs in ipfw - please help
Ensel Sharon
user at dhp.com
Mon Jul 10 22:40:54 UTC 2006
I can't seem to get ipfw to handle a rule like this:
ipfw add 00100 count ip from any not { 10.20.0.0/16 or 10.30.0.0/16 } to
any via em0 in
The error is:
ipfw: missing ``to''
ipfw: unrecognised option [-1] 10.20.0.0/16
So if I remove the curlys and try just one IP block:
ipfw add 00100 count ip from any not 10.20.0.0/16 to any via em0 in
The error is:
ipfw: invalid separator <.> in <10.20.0.0/16>
Any help appreciated. Thanks.
More information about the freebsd-net
mailing list