# ipfw firewall



## thebigbanana (Nov 14, 2009)

hello,
apologies if this has been thoroughly covered in the past.
i am a newbie to ipfw, and not very knowledgeable with unix/linux in general.

i am attempting to set up a firewall to block all traffic to a single user on all ports.

i am attempting to do this on a single computer connected via a home router.

i know the ipv4 address i wish to block, and my current attempt has consisted of

```
ipfw add deny log all from x.x.x.x to x.x.x.x
```

i then typed `firewall_enable="YES"`, and restarted my computer

where i have put the same ip for the from and the to address since i don't know if there's a simpler way to do it for a single address.

i have had no luck, the user is continuing to disrupt me from the same ip.

i am using mac os x 10.5. any help would be gratefully appreciated.

cheers,
derek


----------



## anomie (Nov 14, 2009)

Let's see the output of: 
`$ sudo ipfw list`

How is the user disrupting you? And how did you determine which IP the nasty activity was associated with?


----------



## thebigbanana (Nov 15, 2009)

sudo ipfw list returns


```
00100 deny log ip from x.x.x.x to x.x.x.x
65535 allow ip from any to any
```

where i've replaced the actual ip with x's. i used 


```
netstat -f inet
```

to get the ip. it's basically a disruptive user in a voip program (my computer is acting as the server) i am using that i would like to block.


----------



## DutchDaemon (Nov 15, 2009)

Does x.x.x.x represent the same IP address twice? That doesn't work. You'd have to use something like:


```
deny log ip from x.x.x.x to any
deny log ip from any to x.x.x.x
```

You are now blocking traffic from him to him, not from him *and* to him.


----------
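The difference between the posted rule and the corrected pair, as an added example that is not part of the original thread: a small shell model of ipfw's first-match evaluation, limited to the `from SRC to DST` part of a rule. The addresses 203.0.113.7 (peer to block) and 192.168.1.10 (this machine) and all function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: models only the "from SRC to DST" match of an ipfw rule.
# Addresses are constructed sample values, not taken from the thread.
PEER=203.0.113.7      # assumed address of the peer to block
HOST=192.168.1.10     # assumed address of this machine

# Rule set as posted: source and destination are the same address.
RULES_POSTED="00100 deny $PEER $PEER
65535 allow any any"

# Corrected rule set: one rule per direction.
RULES_FIXED="00100 deny $PEER any
00200 deny any $PEER
65535 allow any any"

# addr_matches PATTERN ADDR: "any" matches everything, else exact match.
addr_matches() {
    [ "$1" = "any" ] || [ "$1" = "$2" ]
}

# verdict RULES SRC DST: print the action of the first rule whose source
# AND destination both match the packet (first match wins).
verdict() {
    printf '%s\n' "$1" | while read -r num action rsrc rdst; do
        if addr_matches "$rsrc" "$2" && addr_matches "$rdst" "$3"; then
            echo "$action"
            break
        fi
    done
}

# Inbound packet, outbound reply, and the only packet the posted rule hits.
for pkt in "$PEER $HOST" "$HOST $PEER" "$PEER $PEER"; do
    set -- $pkt
    echo "$1 -> $2  posted: $(verdict "$RULES_POSTED" "$1" "$2")" \
         " fixed: $(verdict "$RULES_FIXED" "$1" "$2")"
done
```

With the posted rule set, both real directions fall through to rule 65535 and are allowed; only a packet whose source and destination are both the peer's address would be denied.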



## thebigbanana (Nov 15, 2009)

thanks very much. i misunderstood the meaning of the x.x.x.x to x.x.x.x - thought it represented a range of ips.


----------

