[afnog] ipfw question
Tumi Mogale
tumi_mogale1 at yahoo.com
Thu Nov 9 13:46:07 UTC 2006
afnog at afnog.org list admin, please change the list
setting to reply to the list. (now, reply-to is the
postor, not the list)
everyone agrees?
tm
--- Tumi Mogale <tumi_mogale1 at yahoo.com> wrote:
> --- Brian Candler <B.Candler at pobox.com> wrote:
>
> > On Thu, Nov 09, 2006 at 05:19:03AM -0800, Tumi
> > Mogale wrote:
> > > 2 - i want all traffic from 10.0.2.0/24 to be
> > denied
> > > access to 10.0.3.0/24 but be allowed access to
> > > 10.0.1.0/24 (the net)
> > >
> > > here is the rule i thought would work for case
> 2:
> > >
> > > ipfw add 00xx allow all from 10.0.2.0/24 to any
> > not
> > > 10.0.3.0/24
> > >
> > > (or is this a bad use of the "not" syntax?)
> >
> > Did it give you an error when you tried to load
> it?
> >
> > I don't think the destination can be "any" and
> "not
> > 10.0.3.0/24" at the same
> > time. But I think you can do
> >
> > allow all from 10.0.2.0/24 to not 10.0.3.0/24
>
> i will try this format!
>
> if it is several nets, they can be separated with a
> comma after the "not" statement?
>
> like
> allow all from 10.0.2.0/24 to not
> 10.0.3.0/24,10.0.9.0/26,x.x.x.x/xx
>
> ?
>
> -tm
>
>
>
>
>
>
>
>
____________________________________________________________________________________
> Sponsored Link
>
> Mortgage rates near 39yr lows. $420k for $1,399/mo.
> Calculate new payment!
> http://www.LowerMyBills.com/lre
>
__________________________________________________________________________________________
Sponsored Link
Talk more and pay less. Vonage can save you up to $300
a year on your phone bill.
Sign up now. http://www.vonage.com/startsavingnow/
____________________________________________________________________________________
Sponsored Link
Free Uniden 5.8GHz Phone System with Packet8 Internet Phone Service
http://www.getpacket8.net/yahoo2
More information about the afnog
mailing list