Jump to content
Not connected, Your IP: 18.222.182.249
AirVPN
Sign in to follow this  
Followers 0
galilao

Why doesn't this firewall work?

By galilao, ... in General & Suggestions

Recommended Posts

galilao    2

galilao
Posted ...

Hello:

I tried running this firewall at a restaurant with the IP address of 10.1.10.95, an router address of 10.1.10.1, and a subnet mask of 255.255.255.0, and it doesn't block when the VPN is disconnected. Can anybody tell me what is wrong with it?

Thank you

sudo sysctl -w net.inet.ip.fw.enable=0

sudo sysctl -w net.inet.ip.forwarding=0

sudo ipfw flush

sudo ipfw delete set 31

sudo sysctl -w net.inet.ip.fw.enable=1

sudo sysctl -w net.inet.ip.forwarding=0

sudo ipfw add 01200 allow ip from 10.1.0.0/16 to 37.235.51.133 keep-state

sudo ipfw add 01300 allow ip from 10.1.0.0/16 to 89.149.226.185 keep-state

sudo ipfw add 01400 allow ip from 10.1.0.0/16 to 46.165.208.65 keep-state

sudo ipfw add 01500 allow ip from 10.1.0.0/16 to 31.193.12.74 keep-state

sudo ipfw add 01600 allow ip from 10.1.0.0/16 to 31.193.12.98 keep-state

sudo ipfw add 01700 allow ip from 10.1.0.0/16 to 94.242.205.234 keep-state

sudo ipfw add 01800 allow ip from 10.1.0.0/16 to 95.211.169.3 keep-state

sudo ipfw add 01900 allow ip from 10.1.0.0/16 to 85.17.123.26 keep-state

sudo ipfw add 02000 allow ip from 10.1.0.0/16 to 95.211.191.33 keep-state

sudo ipfw add 02100 allow ip from 10.1.0.0/16 to 62.212.85.65 keep-state

sudo ipfw add 02200 allow ip from 10.1.0.0/16 to 95.211.98.154 keep-state

sudo ipfw add 02300 allow ip from 10.1.0.0/16 to 178.248.30.131 keep-state

sudo ipfw add 02400 allow ip from 10.1.0.0/16 to 198.15.111.162 keep-state

sudo ipfw add 02500 allow ip from 10.1.0.0/16 to 108.59.11.194 keep-state

sudo ipfw add 02600 allow ip from 10.1.0.0/16 to 108.59.8.147 keep-state

sudo ipfw add 02800 allow ip from 10.1.0.0/16 to 69.163.36.66 keep-state

sudo ipfw add 03000 allow ip from 127.0.0.1 to any

sudo ipfw add 05000 allow log ip from 10.0.0.0/8 to any

sudo ipfw add 05100 allow log ip from any to 10.0.0.0/8

sudo ipfw add 65534 deny log ip from any to any

Share this post

Link to post

Staff    9972

Staff
Posted ...

Hello:

I tried running this firewall at a restaurant with the IP address of 10.1.10.95, an router address of 10.1.10.1, and a subnet mask of 255.255.255.0, and it doesn't block when the VPN is disconnected. Can anybody tell me what is wrong with it?

Hello!

In this case the firewall will not block anything because of the following lines:

sudo ipfw add 05000 allow log ip from 10.0.0.0/8 to any

sudo ipfw add 05100 allow log ip from any to 10.0.0.0/8

which must be replaced in any case with the proper AirVPN IP ranges.

Please see https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=2935&Itemid=142#4481

Kind regards

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...