[geeks] IPF
Mike Hebel
nimitz at nimitzbrood.com
Thu Sep 11 12:06:36 CDT 2003
On Thursday, September 11, 2003, at 07:23 AM, Mike F wrote:
> On Thu, 11 Sep 2003 02:26:30 -0400 (EDT)
> vance at neurotica.com wrote:
>
>> I have another, related question. My firewall unfortunately has a
>> dynamic IP address right now. How do I tell ipf (in ipf.rules) to
>> allow access to the outside from that IP address without allowing
>> access for the entire IP block, which may contain people who wouldn't
>> mind waltzing around my system messing with stuff? Does something
>> like the following work?
>>
>> pass out quick on ppp0 from 0/32 to any
>
> Very close; the following should do what you need it to do:
>
> pass out quick on ppp0 proto tcp/udp from any to any keep state
>
> To allow for your incoming connections, you might add rules such as:
>
> pass in quick on ppp0 proto tcp/udp from any to 10.0.69.5 \
> port = 23 flags S/SA keep state
I think he's looking for a choke solution for just his IP though.
Mike Hebel
More information about the geeks
mailing list