Blocking RIP requests on firewall

Lowell Gilbert freebsd-questions-local at be-well.no-ip.com
Wed Aug 13 18:12:57 PDT 2003


...top-post ,please don't

"Darryl Hoar" <darryl at osborne-ind.com> writes:

> Yes,
> 10.0.0.1 is the SMC ADSL modem (external).
> It is running DHCP and assigns the ip
> to my firewall.
> 
> -ISP's DSL Line - ADSL Modem - Firewall - LAN

Then the packets *aren't* being sourced from 10.0.0.1; that's just the
last router that passed them along.  I think you want to say "any"
instead of that IP address.

> -Darryl
> 
> >-----Original Message-----
> >From: lowell at be-well.no-ip.com [mailto:lowell at be-well.no-ip.com]On
> >Behalf Of Lowell Gilbert
> >Sent: Wednesday, August 13, 2003 12:51 PM
> >To: darryl at osborne-ind.com
> >Cc: freebsd-questions at freebsd.org
> >Subject: Re: Blocking RIP requests on firewall
> >
> >
> >"Darryl Hoar" <darryl at osborne-ind.com> writes:
> >
> >> Greetings,
> >> I have a FreeBSD 4.7S machine that is running
> >> IPFilter and is configured as a firewall.
> >> 
> >> My external interface is xl0.
> >> 
> >> I put block in quick on xl0 proto udp from 10.0.0.1 to any port = 520
> >
> >All of the packets are coming from 10.0.0.1?    


More information about the freebsd-questions mailing list