[210] in linux-net channel archive


ipfw configuration

daemon@ATHENA.MIT.EDU (Thomas Koenig)
Tue Apr 18 13:28:12 1995

To: submit-linux-dev-net@ratatosk.yggdrasil.com
From: ig25@fg70.rz.uni-karlsruhe.de (Thomas Koenig)
Date: 18 Apr 1995 15:18:45 GMT
Reply-To: Thomas.Koenig@ciw.uni-karlsruhe.de

I don't understand the ipfw manpage; I'm especially unclear about the
meaning of the ':mask bits' or '/mask pattern' parameter, which addresses
to use for networks, and how to deny access to machines in general
while allowing it in special cases.

I'm on the 129.13.0.0 Class B network (netmask 255.255.0.0).  If
I wanted to block any tcp connection to port 6000 from outside this
network, how would I go about this?

I suppose I'd have to first add a blocking entry with something
along the lines of

ipfw addb deny   tcp from    0.0.0.0/0  to my.host.org 6000
ipfw addb accept tcp from 129.13.0.0/16 to my.host.org 6000

Is this correct?

Maybe somebody could write a utility which followed the hosts_access(5)
syntax - it would sure make life easier.
--
Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, ig25@dkauni2.bitnet.
The joy of engineering is to find a straight line on a double
logarithmic diagram.
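
Added example, not part of the original post and not ipfw's own code: a small Python model of the source-address match behind the two rules quoted above, showing that a prefix length of 16 and the netmask 255.255.0.0 select the same addresses and that 0.0.0.0/0 matches every source. The post does not say in which order ipfw evaluates its entries, so the model makes no assumption about that and reports the verdict under both a first-match and a last-match policy; the function names, the default verdict and the sample addresses are constructed for illustration, and protocol and port are left out.

```python
import ipaddress

# The two rules from the post, in the order given: (action, source network).
RULES = [
    ("deny", "0.0.0.0/0"),
    ("accept", "129.13.0.0/16"),
]


def matches(source, spec):
    """True when (source AND mask) equals the network address in spec.

    spec may carry a prefix length (129.13.0.0/16) or a dotted netmask
    (129.13.0.0/255.255.0.0); strict=True rejects a spec with host bits set.
    """
    net = ipaddress.ip_network(spec, strict=True)
    src = int(ipaddress.ip_address(source))
    return src & int(net.netmask) == int(net.network_address)


def decide(source, rules, policy, default="accept"):
    """Walk the rules in order; policy is 'first-match' or 'last-match'.

    The default verdict is an assumption of this model, not ipfw behaviour.
    """
    verdict = default
    for action, spec in rules:
        if matches(source, spec):
            verdict = action
            if policy == "first-match":
                break
    return verdict


if __name__ == "__main__":
    # Constructed sample sources: one inside 129.13.0.0/16, one outside it.
    samples = ["129.13.64.5", "192.0.2.10"]
    orders = {"as posted": RULES, "reversed": list(reversed(RULES))}
    for label, rules in orders.items():
        for policy in ("first-match", "last-match"):
            for src in samples:
                print(f"{label:10} {policy:12} {src:12} -> "
                      f"{decide(src, rules, policy)}")
```

With the rules in the posted order, a first-match evaluator denies the inside host as well, because 0.0.0.0/0 matches before the narrower entry is reached; the intended result needs either last-match evaluation or the two entries swapped.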
