[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
thanks for reply me
Hi dears members
i am very thankfull to you that you reply me. Now dear (Cesar da
Silva) i have just only 8 port BeyNet Switch at my client side and
their is no any option in this switch that i block ports. Thats why i
have to use ipfw2 and iptables. As well Iptables is the best.
Dear Mr. (Chuck) Thanks for giving some tips
ipfw add deny ip from 192.168.0.33 to any
ipfw add deny ip from any to any mac any 00:40:50:EA:CD:00
Chuck Just first option is working. Still I cant' get my aim in
ipfw2 that i block my customer MAC address for incoming request.
i thinks iptables then best then ipfw2. becase in iptables i did't
face any problem.
thanks for reply me dears
thanks alot
Umar DRaz
>From: freebsd-config-request@xxxxxxxxxxx
>Reply-To: freebsd-config@xxxxxxxxxxx
>To: freebsd-config@xxxxxxxxxxx
>Subject: freebsd-config Digest, Vol 40, Issue 5
>Date: Sat, 6 Mar 2004 12:00:39 -0800 (PST)
>
>Send freebsd-config mailing list submissions to
> freebsd-config@xxxxxxxxxxx
>
>To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.freebsd.org/mailman/listinfo/freebsd-config
>or, via email, send a message with subject or body 'help' to
> freebsd-config-request@xxxxxxxxxxx
>
>You can reach the person managing the list at
> freebsd-config-owner@xxxxxxxxxxx
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of freebsd-config digest..."
>
>
>Today's Topics:
>
> 1. Re: firewall IP/MAC (Cesar da Silva)
> 2. Please Give me Right Answer (Umar Draz)
> 3. Re: Please Give me Right Answer (Chuck Swiger)
>
>
>---------------------------------------------------------------------
-
>
>Message: 1
>Date: Fri, 5 Mar 2004 23:45:08 +0100
>From: "Cesar da Silva"
>Subject: Re: firewall IP/MAC
>To:
>Message-ID: <20040305224509.F266243D1F@xxxxxxxxxxxxxxx>
>Content-Type: text/plain; charset="us-ascii"
>
>I think that your suggestion is great, but I think that the best
option if
>available is to block the customers port on the router/switch, than
he can
>alter his IP-/ MAC-address as much as he likes.
>
>Regards.
>Cesar da Silva
>
>Andras Got wrote:
> >I think, he should set up that only those few MAC address-es can
use the
>network, and bind this to their own IP address. >When something bad
happens
>you just set a block on that mac and IP duo. :)
>
>
>------------------------------
>
>Message: 2
>Date: Sat, 06 Mar 2004 10:16:30 +0000
>From: "Umar Draz"
>Subject: Please Give me Right Answer
>To: freebsd-config@xxxxxxxxxxx
>Message-ID:
>Content-Type: text/plain
>
>
> this is my 4th question about ipfw2 and i can't get a proper
answer of
> my question.
>
> my question was....
>
> i have 2 machines
>
> (1) is Redhat Linux 7.3 and
> (2) FreeBSD.49
>
> both are connected to internet with DSL and both are different
places.
> i have a cable internet
> andy my both machines has Squid and NAT
>
> so if i wanat block my any cable internet user in linux. i use
> iptables and i block him/her ip and MAC. like this
>
> iptables -A INPUT -s 192.168.0.45 -i eth0 -m mac --mac-source
> 00-10-CE-60-01-5A -j REJECT
>
> this command fillfull my problem
>
> now my question is. If i want block my cable internet user in my
> FreeBSD 4.9 machine thorugh ipfw2. then what kind of command i
should
> add in my /etc/ipfw.rules
>
> for excample i want block this ip 192.168.0.33 and this ip has
this
> mac address 00-40-50-EA-CD-00.
>
> so please please give me right answer
>
> thanks and regards
>
> Umar Draz
> _______________________________________________________________
__
>
> MSN 8 helps [1]ELIMINATE E-MAIL VIRUSES. Get 2 months FREE*.
>
>References
>
> 1. http://g.msn.com/8HMBEN/2743??PS=
>
>------------------------------
>
>Message: 3
>Date: Sat, 06 Mar 2004 09:13:58 -0500
>From: Chuck Swiger
>Subject: Re: Please Give me Right Answer
>To: Umar Draz
>Cc: freebsd-config@xxxxxxxxxxx
>Message-ID: <4049DCA6.9020905@xxxxxxx>
>Content-Type: text/plain; charset=us-ascii; format=flowed
>
>Umar Draz wrote:
> > this is my 4th question about ipfw2 and i can't get a proper
answer of
> > my question.
>
>You're asking on the wrong lists; try freebsd-questions or
freebsd-ipfw lists
>instead.
>
> > now my question is. If i want block my cable internet user in
my
> > FreeBSD 4.9 machine thorugh ipfw2. then what kind of command i
should
> > add in my /etc/ipfw.rules
> >
> > for excample i want block this ip 192.168.0.33 and this ip has
this
> > mac address 00-40-50-EA-CD-00.
>
>Try one or both of the following to block outbound requests:
>
>ipfw add deny ip from 192.168.0.33 to any
>ipfw add deny ip from any to any mac any 00:40:50:EA:CD:00
>
>In conjunction with a reasonable ruleset which denies inappropriate
inbound
>connections to your network, this should address your question.
>
>--
>-Chuck
>
>
>------------------------------
>
>_______________________________________________
>freebsd-config@xxxxxxxxxxx mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-config
>To unsubscribe, send any mail to
"freebsd-config-unsubscribe@xxxxxxxxxxx"
>
>
>End of freebsd-config Digest, Vol 40, Issue 5
>*********************************************
_________________________________________________________________
Add photos to your e-mail with [1]MSN 8. Get 2 months FREE*.
References
1. http://g.msn.com/8HMAEN/2746??PS=
