Andrew L. Gould wrote:

On Wednesday 01 October 2003 01:18 pm, Gary wrote:


I have set my firewall to

firewall_type="open"
firewall_enable="YES"

and when I want to drop a specific IP, I enter it manually, it accepts it,
but it does not drop the packets.

I am getting a lot of virus activity on my SMTP port 25. So I wanted to
drop a few IP ranges/addresses.

00100  62054   5483792 allow ip from any to any via lo0
00200      0         0 deny ip from any to 127.0.0.0/8
00300      0         0 deny ip from 127.0.0.0/8 to any
65000 873327 293931424 allow ip from any to any
65100      0         0 deny tcp from 24.92.226.153 to any
65110      0         0 deny ip from 213.191.102.86 to any
65535      0         0 deny ip from any to any

Yet, checking later in my SMTP logs, I am still getting pounded by the
listed addresses. Can anyone explain why this isn't working?

Thanks,



I'm a newbie at firewalls; but I'll take a guess: Doesn't rule 65000 let all ip packets in before rules 65100 and 65110 are considered?


Andrew


Yes, in this case, since this is ipfw, and "first match wins."

Using ipf, it's the opposite; gotta love 'Nix! ;-)
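
The first-match behaviour discussed in this thread, as an added example that is not part of any poster's message: a small Python model that parses the listing quoted above, reports which rule a packet hits first, and flags rules that can never be reached. It only understands the rule shapes in that listing; the interface name em0, the destination 192.0.2.25 and the replacement rule numbers 64000/64010 are constructed for illustration.

```python
import ipaddress

# Rule listing copied from the post above (counters included).
RULES_TEXT = """\
00100  62054   5483792 allow ip from any to any via lo0
00200      0         0 deny ip from any to 127.0.0.0/8
00300      0         0 deny ip from 127.0.0.0/8 to any
65000 873327 293931424 allow ip from any to any
65100      0         0 deny tcp from 24.92.226.153 to any
65110      0         0 deny ip from 213.191.102.86 to any
65535      0         0 deny ip from any to any
"""
ANY = ipaddress.ip_network("0.0.0.0/0")

def parse_rules(text):
    """Parse 'num pkts bytes action proto from SRC to DST [via IF]' lines."""
    net = lambda s: ANY if s == "any" else ipaddress.ip_network(s)
    rules = []
    for f in (line.split() for line in text.splitlines() if line.strip()):
        rules.append({"num": int(f[0]), "action": f[3], "proto": f[4],
                      "src": net(f[6]), "dst": net(f[8]),
                      "via": f[10] if len(f) > 10 else None})
    return sorted(rules, key=lambda r: r["num"])  # ipfw evaluates in number order

def first_match(rules, src, dst, proto="tcp", iface="em0"):
    """Return (number, action) of the first rule the packet matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (r["proto"] in ("ip", proto) and r["via"] in (None, iface)
                and s in r["src"] and d in r["dst"]):
            return r["num"], r["action"]

def shadowed(rules):
    """Map each unreachable rule to the earlier rule that always matches first."""
    out = {}
    for i, b in enumerate(rules):
        for a in rules[:i]:
            if (a["proto"] in ("ip", b["proto"]) and a["via"] in (None, b["via"])
                    and b["src"].subnet_of(a["src"]) and b["dst"].subnet_of(a["dst"])):
                out[b["num"]] = a["num"]
                break
    return out

if __name__ == "__main__":
    rules = parse_rules(RULES_TEXT)
    print(first_match(rules, "24.92.226.153", "192.0.2.25"))
    print(shadowed(rules))
    # Same deny rules renumbered below 65000 (constructed numbers).
    fixed = parse_rules(RULES_TEXT.replace("65100", "64000").replace("65110", "64010"))
    print(first_match(fixed, "24.92.226.153", "192.0.2.25"))
```

With the listing as posted, the two deny rules are reported as hidden behind 65000; once they carry lower numbers the same packet hits the deny first.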
