rules for ipfilters firewall

[benp07]

i would like to block the people on my network from going to a web site
for know we will say gameshownetwork.com
running freebsd 4.6 with ipfilters and nat
i tried to use
block in quick on sis0 from 216.133.253.100 to any

and i also tried

block out quick from any to 216.133.253.100

and

block in quick on sis0 proto tcp from 216.133.253.100 to any

i am using the command to start the new rules
ipf -Fa -vf /etc/ipf.rules
or
ipf -Fa /etc/ipf.rules

i am running freebsd 4.7
with a class c network

thanks for any help
Ben

 

[jmiturbe]

Hello,

I think that this should work:

block out quick from any to 216.133.253.100
block in quick from 216.133.253.100 to any

Check that you don't have any previous contradictory rule with quick option, because when a packet matches a rule with this option the parsing is stopped.

I use ipfilter with solaris and for the rule refresh I have to stop and restart the daemon with the init script (/etc/rc2.d/S65ipfboot) because the reload doesn't work for me.

Bye,

jmiturbe