>
> Is there a way I can use ipfw to disallow ICMP from anyone, but root?
> (FreeBSD 4.7R) I tried this:
>
> ${fwcmd} -q add 4 allow icmp from any to any icmptype 0,3,8,11 in via
> ${outside}
> ${fwcmd} -q add 4 allow icmp from any to any uid root
> ${fwcmd} -q add 4 deny log icmp from any to any

man ipfw says:

  uid user
    Match all TCP or UDP packets sent by or received for a user. A
    user may be matched by name or identification number.

..which sort of implies it wont work for icmp.

Why would you want this policy?

--

 :{ [EMAIL PROTECTED]

        Andy Farkas
    System Administrator
   Speednet Communications
 http://www.speednet.com.au/



_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to