> Hi there guys. I have a question concerning ipfwadm. I am trying
> to make it so that only certain machines (IPs) can access a machine within
> our network. Let us say that the remote machines are xxx.xxx.xxx.xxx and
> yyy.yyy.yyy.yyy, with the local machine zzz.zzz.zzz.zzz. What would be the
> ipfwadm rules to allow only xxx.xxx.xxx.xxx and yyy.yyy.yyy.yyy to access
> zzz.zzz.zzz.zzz, and unlimited access for other machines to the rest of
> our network?
Assumptions:
1. The World [TM] is on ppp0 (i.e. you're a dialup user)
Run these commands *in this order*:
ipfwadm -I -a allow -S x.x.x.x/32 -D z.z.z.z/32 -W ppp0
ipfwadm -I -a allow -S y.y.y.y/32 -D z.z.z.z/32 -W ppp0
ipfwadm -I -a deny -S 0.0.0.0/0 -D z.z.z.z/32 -W ppp0
"unlimited access" will, of course, be based on what other rules you
create.
Caveat: I haven't tried this. Let me know how it goes.
-------------------------------------------------------------------------
PGP fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
finger for PGP key Linux: the choice of a Gnu generation
-------------------------------------------------------------------------
Every 1.5 years computers double in speed...
...then Windows slows them down again...
Micro$oft: "Bringing you ten year old technology, tomorrow. Maybe."
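
Why the reply insists on "in this order", shown as an added example (not part of the original post): a small Python model of first-match rule evaluation applied to the three rules above. The addresses are constructed stand-ins for x.x.x.x, y.y.y.y and z.z.z.z, and the default policy of "allow" for packets that match no rule is an assumption.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    policy: str   # "allow" or "deny", as written in the post
    src: str      # -S source network
    dst: str      # -D destination network
    iface: str    # -W interface

# Constructed stand-ins for x.x.x.x, y.y.y.y and z.z.z.z (documentation ranges).
X, Y, Z = "192.0.2.10", "198.51.100.20", "203.0.113.5"
OTHER_SRC, OTHER_DST = "192.0.2.99", "203.0.113.6"

def ruleset(order):
    """Build the post's three rules in the given append order."""
    rules = {
        "allow_x": Rule("allow", f"{X}/32", f"{Z}/32", "ppp0"),
        "allow_y": Rule("allow", f"{Y}/32", f"{Z}/32", "ppp0"),
        "deny_rest": Rule("deny", "0.0.0.0/0", f"{Z}/32", "ppp0"),
    }
    return [rules[name] for name in order]

def evaluate(rules, src, dst, iface, default="allow"):
    """Return the policy of the first matching rule, else the default (assumed)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (s in ipaddress.ip_network(r.src)
                and d in ipaddress.ip_network(r.dst)
                and iface == r.iface):
            return r.policy
    return default

AS_POSTED = ruleset(["allow_x", "allow_y", "deny_rest"])
DENY_FIRST = ruleset(["deny_rest", "allow_x", "allow_y"])

def report(rules):
    """Verdicts for five constructed packets, in a fixed order."""
    packets = [
        (X, Z, "ppp0"),                  # permitted remote host
        (Y, Z, "ppp0"),                  # permitted remote host
        (OTHER_SRC, Z, "ppp0"),          # any other host to the protected machine
        (OTHER_SRC, OTHER_DST, "ppp0"),  # other host to the rest of the network
        (OTHER_SRC, Z, "eth0"),          # same packet arriving on another interface
    ]
    return [evaluate(rules, *p) for p in packets]

if __name__ == "__main__":
    print("as posted :", report(AS_POSTED))
    print("deny first:", report(DENY_FIRST))
```

With the catch-all deny appended first, both permitted hosts are blocked. The last packet shows that the rules only cover traffic arriving on ppp0, so any other path to the protected machine needs its own rules.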