[geeks] IPF
vance at neurotica.com
vance at neurotica.com
Fri Sep 12 15:20:59 CDT 2003
On Thu, 11 Sep 2003, Mike Hebel wrote:
> >> I have another, related question. My firewall unfortunately has a
> >> dynamic IP address right now. How do I tell ipf (in ipf.rules) to
> >> allow access to the outside from that IP address without allowing
> >> access for the entire IP block, which may contain people who wouldn't
> >> mind waltzing around my system messing with stuff? Does something
> >> like the following work?
> >>
> >> pass out quick on ppp0 from 0/32 to any
> >
> > Very close; the following should do what you need it to do:
> >
> > pass out quick on ppp0 proto tcp/udp from any to any keep state
> >
> > To allow for your incoming connections, you might add rules such as:
> >
> > pass in quick on ppp0 proto tcp/udp from any to 10.0.69.5 \
> > port = 23 flags S/SA keep state
>
> I think he's looking for a choke solution for just his IP though.
Nope. If I do a total block, that should work.
Peace... Sridhar
More information about the geeks
mailing list