i need a firewall what will do NAT and will allow to flow pachet's only to a numer ip's/mask's + I need that anly those ip's to coonect to my server.

i where a simple way to do this ? not like :

ipfw add 1 allow all from any to 1.1.1.1/24 out
ipfw add 1 allow all from 1.1.1.1/24 to any in

and the same way to all of my ip's ? maybe some cicle, I fond in csh setenv iplist "{ ip1 or ip2 or ip3 }" but i need it in bash ?

plz help.

• ipfw freebsd - work just with a list of ip ddresses.,Arifolth, 14:03 , 01-Окт-04
  • ipfw freebsd - work just with a list of ip ddresses.,lamerusha, 14:54 , 01-Окт-04
    • ipfw freebsd - work just with a list of ip ddresses.,Arifolth, 15:11 , 01-Окт-04

>i need a firewall what will do NAT and will allow to
>flow pachet's only to a numer ip's/mask's + I need that
>anly those ip's to coonect to my server.
>
>i where a simple way to do this ? not like :
>
>
>ipfw add 1 allow all from any to 1.1.1.1/24 out
>ipfw add 1 allow all from 1.1.1.1/24 to any in
>
>and the same way to all of my ip's ? maybe some
>cicle, I fond in csh setenv iplist "{ ip1 or ip2
>or ip3 }" but i need it in bash ?
>
>plz help.

если я ничего не путаю -
в рассылке по freebsd/ipfw как то проскакивал подобный вопрос...
есь там вроде как фича tables с её помощю вродь как можно
формировать список ip addr`ов
(с пол тычка под freebsd 521 не пошло(может оно под 53?) - разбираться некогда)
...
ipfw table(s) add 1 ip/mask
...
ipfw add 1000 deny ip from any to table(s)
посмотри на эту тему мыло-рассылки

ipfw add allow ip from any to me

>ipfw add allow ip from any to me

в смысле наоборот
...
ipfw table(s) add 1 ip/mask
..
ipfw table(s) add 10 ip/mask
...
ipfw add 1000 deny ip from table(s) to any[me/ip]