Specifying additional deny rules for bogons, etc

From:	"P Lecheler" <lecheler at technologist dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Specifying additional deny rules for bogons, etc
Date:	Wed, 03 Sep 2003 18:50:45 -0500

It appears that I can only specify permit type access rules using the GUI.  How can I specify
'bogon' (unallocated ip addresses) in my rules
(http://www.cymru.com/Documents/bogon-dd.html#dd-route-agg  for an example)?  This is a common
specification for most firewall type devices.  I have searched the mail archives and did not see it
discussed.  Maybe I missed it but I didn't see a way to deny WAN multicast addresses inbound (this
appeard to be taken care of by a broad deny rule)?  

I'd also like to deny specific TCP ports from the LAN to WAN but can not figure out how to specify
deny.  Do I need to go into the base code and modify one of the php include files?  If so, which
one(s)? 

Have I missed something about how to specify additional deny rules?  I see how we can negate parts
of the rules but this capability appears to be different than deny.

Tnx.

-- 
__________________________________________________________
Sign-up for your own personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

CareerBuilder.com has over 400,000 jobs. Be smarter about your job search
http://corp.mail.com/careers