10-05-2005
Need help with IPFW.. Please...
Hi folks,
I am a Mac User, and have little knowledge on IPFW.
I have a set up at home where my computer (with 2 ethernet cards and static IP adresses) serves Internet to my family's computers.
I have already a script that will run automatically at login and called from Cron at certain times, the purpose is to stop serving Internet to certain computers at a certain time.
I need help with a command that will block all trafic from and to an specific computer. But using the IP address is not enough. I wonder if I could specify the ethernet card's Mac Address within the IPFW command.
Is this possible?
Would someone be so kind to write me here an example line?
Thank you!
Bernardo Höhl
Rio de Janeiro - Brazil
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
i am running nat on my freeBSD and web/ftp server.
The rule allow ip from any to any must always be? or how? if i accept all packets to go on my ep0 which diverts all to my intranet it doesnt help, must the rule allow ip from any to any always be ?
even if many rules are between divert rule and... (3 Replies)
Discussion started by: hachik
3 Replies
2. Cybersecurity
Is there a general rule I can apply when examining/editing ipfw entries?
Also, does each new entry have to have a unique rule number?
And, I think I can write a script to block code red infected machines (though I'm not sure it would do more than slim down my web server error message log),... (0 Replies)
Discussion started by: [MA]Flying_Meat
0 Replies
3. BSD
just as the title says.
thanks.
#General Rule Sets
/sbin/ipfw add 0300 check-state
/sbin/ipfw add 0301 deny tcp from any to any in established
/sbin/ipfw add 0302 pass tcp from any to any out setup keep-state
/sbin/ipfw add 0303 pass udp from any to any out
#SSH FTP
/sbin/ipfw add 0400... (11 Replies)
Discussion started by: dwildgoose
11 Replies
4. Cybersecurity
Hello.
I hope you can help me please.
We are about to bring a few servers online which will be hosting different things...
For one server, it will be hosting a HTTPd, and just wanted to know whether these rules are correct that I have?
To ensure the right interfaces etc, here's a copy of... (1 Reply)
Discussion started by: DanUK
1 Replies
5. Cybersecurity
Here's the problem: Some email-service providers (like
Google) have more than one server and distribute the load such that, e.g. the incoming mail server imap.gmail.com is assigned to more than one IP-address.
With stateful rules, the ipfw firewall correctly allows outgoing packages to one of... (1 Reply)
Discussion started by: steffen
1 Replies
6. BSD
Hi!
I've already posted this on the freebsd-questions mailing list, but I thought I could try it here too.
I'm using FreeBSD 7.0 with IPFW DUMMYNET enabled.
I've got a problem with creating a ruleset, which allows me to limit the overall bandwidth of a link and afterwards pass the packets... (0 Replies)
Discussion started by: xenator
0 Replies
7. UNIX for Advanced & Expert Users
Hello,
I have a little problem with my server configuration.
So: I have two PC's with DHCP enable and both of them have two NIC's.
PC1 - le0 ADSL
PC1 - le1 192.168.10.1
PC2 - le0 192.168.10.10
PC2 - le1 192.168.20.1
One NIC on PC1 is connected to ADSL, another one have IP address... (3 Replies)
Discussion started by: mrowcp
3 Replies
8. Cybersecurity
Hello, excuse my English. Please could tell me how I can pass this syntax for iptables to ipfw.
iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -m recent
--set --name thor --rdest -j ACCEPT
iptables -A INPUT -p tcp -m tcp --tcp-flag RST RST -m state --state
ESTABLISHED -m recent... (0 Replies)
Discussion started by: dot357
0 Replies
9. Shell Programming and Scripting
Hello,
This is an SSH Block hammer script using ipfw, that I have modified for my own use. It is for a freenas 7.2 box which is FreeBSD based.
The script works, but if there is more then one hammer attack per day, my issue is the script reads the first five instances of refused or invalid... (2 Replies)
Discussion started by: dpreviti
2 Replies
10. OS X (Apple)
Under Mountain Lion, I want logs from ipfw sent to ipfw.log instead of dumped in system.log I've tried to figure out how OSX handles logs, but... after going back and forth between a syslog.conf which does little if anything, a newsyslog.conf that seems to only handle rotation, an asl.conf that... (3 Replies)
Discussion started by: jnojr
3 Replies
LEARN ABOUT DEBIAN
go-fish
GO-FISH(6) BSD Games Manual GO-FISH(6)
NAME
go-fish -- play ``Go Fish''
SYNOPSIS
go-fish [-p]
DESCRIPTION
go-fish is the game ``Go Fish'', a traditional children's card game.
The computer deals the player and itself seven cards, and places the rest of the deck face-down (figuratively). The object of the game is to
collect ``books'', or all of the members of a single rank. For example, collecting four 2's would give the player a ``book of 2's''.
The options are as follows:
-p Professional mode.
The computer makes a random decision as to who gets to start the game, and then the computer and player take turns asking each other for
cards of a specified rank. If the asked player has any cards of the requested rank, they give them up to the asking player. A player must
have at least one of the cards of the rank they request in their hand. When a player asks for a rank of which the other player has no cards,
the asker is told to ``Go Fish!''. Then, the asker draws a card from the non-dealt cards. If they draw the card they asked for, they con-
tinue their turn, asking for more ranks from the other player. Otherwise, the other player gets a turn.
When a player completes a book, either by getting cards from the other player or drawing from the deck, they set those cards aside and the
rank is no longer in play.
The game ends when either player no longer has any cards in their hand. The player with the most books wins.
go-fish provides instructions as to what input it accepts.
BUGS
The computer cheats only rarely.
BSD
May 31, 1993 BSD