ipfw has a handly configuration section in rc.conf to ease firewalling. In the 'workstation' type, however, there is a way to allow full access for selected clients, but no way for denying it for others.
The attached patches would add that support. Since lists of IP's could grow big, I've opted to using files to host the list of addresses, as opposed to writing the list in rc.conf.
I've made it possible so that either all IP-related traffic is blocked, or specific TCP ports are blocked. The user can decide that easily via rc.conf.
Please pay attention that this supersedes pr=176344 which I had sent an hour ago; this PR adds support for selective TCP ports.
Fix: Patch attached with submission follows:
Over to maintainer(s).
After reviewing the patch, I realise that a file may contain a whitespace de=
limiter, and not necessarily a space character.=20
As such, it'd be wiser to use -w instead of -d " " in 'cut' command to achie=
For bugs matching the following criteria:
Status: In Progress Changed: (is less than) 2014-06-01
Reset to default assignee and clear in-progress tags.
Mail being skipped