>
> Is there a way I can use ipfw to disallow ICMP from anyone, but root?
> (FreeBSD 4.7R) I tried this:
>
> ${fwcmd} -q add 4 allow icmp from any to any icmptype 0,3,8,11 in via
> ${outside}
> ${fwcmd} -q add 4 allow icmp from any to any uid root
> ${fwcmd} -q add 4 deny log icmp from any to any
man ipfw says:
uid user
Match all TCP or UDP packets sent by or received for a user. A
user may be matched by name or identification number.
..which sort of implies it wont work for icmp.
Why would you want this policy?
--
:{ [EMAIL PROTECTED]
Andy Farkas
System Administrator
Speednet Communications
http://www.speednet.com.au/
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
