using tables with ipfw
Valeri Galtsev
galtsev at kicp.uchicago.edu
Wed Jun 9 16:29:36 UTC 2021
On 6/9/21 10:55 AM, Robert Huff wrote:
>
> I've read the man page ... and am insufficiently enlightened.
> Is there a place with clear examples on how to use tables with
> ipfw? Specifically, adding entries to a table and having the new
> values take effect?
>
I am not enlightened either, what I do is pretty simple...
This is what I do when I use ipfw tables (e.g. blocking port 25 access
from unwanted networks; my users will send from these networks via port
465 as authenticated users...):
1. I put unwanted networks into the file /usr/local/etc/xxxx.spam like:

    1.0.0.0/8
    26.0.0.0/8
    36.16.0.0/12
    49.64.0.0/11
    58.208.0.0/12
    59.0.0.0/8
    60.0.0.0/8
    106.0.0.0/8
    114.224.0.0/12
    # ....

2. Then I create the table, and fill it with the above:

    ipfw table 1 create
    cat /usr/local/etc/xxxx.spam | xargs -n1 ipfw table 1 add

3. I have the following in my /etc/ipfw.rules:

    $cmd 618 deny all from 'table(1)' to [my IP here]/32 25 in via $pif

(where $pif is the public interface defined at the beginning of ipfw.rules)

4. To re-create the table on the fly after adding a new block of addresses:

    ipfw table 1 list
    ipfw table 1 flush
    cat /usr/local/etc/xxxx.spam | xargs -n1 ipfw table 1 add
    ipfw table 1 list

5. And for things to happen at the start, the /etc/ipfw.rules has the
following lines close to the beginning of the file:

    # Create table
    ipfw table 1 create
    cat /usr/local/etc/xxxx.spam | xargs -n1 ipfw table 1 add

This pretty much covers all I do with tables. Oh, I forgot one thing,
you can also add to tables what sshguard produces quite similarly, just
by piping sshguard's file of IPs into a separate table...
I hope this helps.
Valeri
>
> Respectfully,
>
>
> Robert Huff
>
>
--
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
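
An added example, not part of the original post: instead of flushing and refilling the table as in step 4, compute only the add and delete commands needed, so the table is never empty while it is being updated. The function names, the temporary file paths and the assumed `ipfw table N list` output format ("addr/len value" lines after an optional `---` header) are assumptions, and list entries are assumed to be written in canonical network form.

```shell
#!/bin/sh
# Added example (not from the original post): sync an ipfw table to a list
# file with add/delete commands only, so the table is never empty mid-update.

# Print the valid IPv4 entries of list file $1, sorted. Comments and blank
# lines are dropped; bare hosts get /32; anything else is reported on stderr
# and skipped instead of being handed to ipfw.
clean_list() {
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' "$1" |
    awk -F'[./]' '
      { ok = (NF == 4 || NF == 5)
        for (i = 1; ok && i <= NF; i++)
            if ($i !~ /^[0-9]+$/ || $i > (i == 5 ? 32 : 255)) ok = 0
        if (!ok) { print "skipped: " $0 > "/dev/stderr"; next }
        print (NF == 4 ? $0 "/32" : $0) }' | LC_ALL=C sort -u
}

# Print the commands that turn the table's current content into the list.
# $1 = table number, $2 = list file, $3 = saved `ipfw table N list` output.
sync_cmds() {
    want=$(mktemp) have=$(mktemp)
    clean_list "$2" > "$want"
    # Assumed listing format: optional "--- table(N), ... ---" header, then
    # "addr/len value" lines; only the first field is compared.
    awk 'NF && $1 !~ /^---/ { print $1 }' "$3" | LC_ALL=C sort -u > "$have"
    LC_ALL=C comm -23 "$want" "$have" | sed "s|^|ipfw table $1 add |"
    LC_ALL=C comm -13 "$want" "$have" | sed "s|^|ipfw table $1 delete |"
    rm -f "$want" "$have"
}

# Constructed sample data: a list file and a current table listing.
demo() {
    list=$(mktemp) cur=$(mktemp)
    printf '%s\n' '1.0.0.0/8' '36.16.0.0/12   # new block' '192.0.2.7' \
        '# ....' 'not-an-address' > "$list"
    printf '%s\n' '--- table(1), set(0) ---' '1.0.0.0/8 0' '60.0.0.0/8 0' > "$cur"
    sync_cmds 1 "$list" "$cur"
    rm -f "$list" "$cur"
}

# On the firewall host (not run here):
#   ipfw table 1 list > /tmp/table1.cur
#   sync_cmds 1 /usr/local/etc/xxxx.spam /tmp/table1.cur | sh
```

Review the printed commands before piping them to `sh`; because rule 618 refers to `table(1)` by lookup, each add or delete takes effect immediately without reloading the rules.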