FreeBSD Handbook : Users, groups and security : Firewalls : Example commands for ipfw
Previous: Configuring IPFW
Next: Building a packet filtering firewall

6.4.5. Example commands for ipfw

This command denies all packets from the host evil.hacker.org to the telnet port of the host nice.people.org that are being forwarded by the router:

ipfw addf deny tcp from evil.hacker.org to nice.people.org telnet

The next example denies and logs any TCP traffic from the entire hacker.org network (a class C) to the nice.people.org machine (any port).

ipfw addf ldeny tcp from evil.hacker.org/24 to nice.people.org

If you do not want people sending X sessions to your internal network (a subnet of a class C), the following command will do the necessary filtering:

ipfw addf deny syn to my.org/28 6000

To allow access to the SUP server on sup.FreeBSD.ORG, use the following command:

ipfw addf accept syn to sup.FreeBSD.ORG supfilesrv

To see the accounting records:

ipfw -sa list accounting
or, in the short form:
ipfw -sa l a

