AMK4 writes:
> ipmasq rules, I have set up the following:
>
> /sbin/ipfwadm -F -p deny
> /sbin/ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
> /sbin/ipfwadm -F -a acc -D coyote
> /sbin/ipfwadm -F -a acc -S coyote
>
> And everything works. If I don't add those last two lines,
> nothing will go to coyote because of the initial deny line.
>
> But now, I'd like to block some traffic coming in to coyote (.75),
> specifically, a domain name. If at all possible. How can I do that? I'm
> assuming that I have to change my deny line somehow?
Could you not add a line above the two coyote lines such as:
/sbin/ipfwadm -F -a deny -D coyote -S aaa.bbb.ccc.0/24
I think that the process for determining the action (-a) to take is merely a
progression from one action to the next until a match is found. Once a
match is found, I don't think further actions are looked for. Thus, if the
deny line (as above) was before the accept lines, then it would be carried
out. Any sources (-S) that matched the domain name to be filtered would be
filtered out. Sources that didn't match the domain name would progress to
the next line and thus be allowed.
Give it a try - see what happens (I'm curious to know the logic structure of
the ipfwadm command parsing).
--
Damion Milliken University of Wollongong
Unofficial Shadowrun Guru E-mail: [EMAIL PROTECTED]
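An added illustration of the first-match chain walk the reply describes (not code from the thread and not ipfwadm itself): a small model of the forwarding chain that evaluates rules in order, stops at the first match, and falls back to the default policy. The address for coyote (10.0.0.75) and the blocked range (203.0.113.0/24, standing in for aaa.bbb.ccc.0/24) are constructed; like ipfwadm, it matches on addresses only, since a hostname given to ipfwadm is resolved when the rule is entered.

```python
import ipaddress

# Constructed addresses for this example: "coyote" from the thread and a
# stand-in for the aaa.bbb.ccc.0/24 range the reply wants to deny.
COYOTE = "10.0.0.75"
BLOCKED_NET = "203.0.113.0/24"
ANY = "0.0.0.0/0"


def rule(action, src=ANY, dst=ANY):
    """Model one 'ipfwadm -F -a <action> -S <src> -D <dst>' line."""
    return (action, ipaddress.ip_network(src), ipaddress.ip_network(dst))


def host(addr):
    """A single host written as a /32 network, as ipfwadm treats a bare host."""
    return f"{addr}/32"


def evaluate(rules, policy, src, dst):
    """Walk the chain in order; the first matching rule decides.
    If nothing matches, the chain's default policy (-p) applies."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, snet, dnet in rules:
        if s in snet and d in dnet:
            return action
    return policy


# The original three rules from the question, in the order given.
ORIGINAL = [
    rule("accept/masq", src="192.168.1.0/24"),   # -a m -S 192.168.1.0/24 -D 0/0
    rule("accept", dst=host(COYOTE)),            # -a acc -D coyote
    rule("accept", src=host(COYOTE)),            # -a acc -S coyote
]

# The reply's suggestion: the deny line placed ABOVE the two coyote lines.
DENY_TO_COYOTE = rule("deny", src=BLOCKED_NET, dst=host(COYOTE))
PROPOSED = [ORIGINAL[0], DENY_TO_COYOTE] + ORIGINAL[1:]

# The same deny line appended AFTER the accept lines, for comparison.
WRONG_ORDER = ORIGINAL + [DENY_TO_COYOTE]


def compare(src, dst):
    """Return the verdict of each chain for one source/destination pair."""
    return {
        "original": evaluate(ORIGINAL, "deny", src, dst),
        "proposed": evaluate(PROPOSED, "deny", src, dst),
        "wrong_order": evaluate(WRONG_ORDER, "deny", src, dst),
    }


if __name__ == "__main__":
    for pair in [("203.0.113.7", COYOTE), ("198.51.100.9", COYOTE)]:
        print(pair, compare(*pair))
```

The "wrong_order" chain shows why the placement matters: the accept rule for coyote matches first, so the deny line below it is never reached.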