Mac | ipfw adding firewall rule [duplicate]

Posted 2019-08-08 16:37

This question is an exact duplicate of:

In my application, I need to block the firewall in such a way that it blocks all URLs and allows certain URLs.

These are the rules I am writing,

assuming I don't want to block www.google.com and www.facebook.com:

ipfw add 12164 deny tcp from any to any  
ipfw add 12156 allow tcp from any to www.google.com  
ipfw add 12157 allow tcp from any to www.facebook.com  

But it's blocking all the connections. What should the firewall rule be for such a scenario?

1 answer
Rolldiameter
#2 · 2019-08-08 17:30

Using ipfw to filter the traffic isn't a good idea. ipfw only works with IP addresses: when you add a rule with a hostname, the hostname is resolved and the current IP address is used.

Some hostnames can have multiple IP addresses (try the command host www.google.com), or the IP address may change, or the server may return links to resources stored on other addresses.

If you want to filter the website the user can access, you can use parental controls or Managed Client (MCX).

But if you still want to use ipfw, you should accept ingoing TCP traffic. Your rules only accept outgoing TCP traffic to www.google.com and www.facebook.com and block any response.

You should write the first rule like this:

ipfw add 12164 deny tcp from any to any out
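Added example, not part of the original answer: the answer's point that a hostname maps to several addresses which are only captured when the rule is added, shown as a shell script that turns `host` output into one allow rule per IPv4 address, followed by the answer's `out` deny rule. The function names, the constructed lookup output (documentation addresses) and the rule-number range are assumptions.

```shell
#!/bin/sh
# Build an ipfw allow-list from `host` output, one rule per resolved address.
# The rules are a snapshot: rerun whenever the DNS answers change.

# Constructed sample of `host` output (documentation addresses, not real lookups).
sample_host_output() {
cat <<'EOF'
www.example.com has address 192.0.2.10
www.example.com has address 192.0.2.11
www.example.com has IPv6 address 2001:db8::10
www.example.org is an alias for cdn.example.net.
cdn.example.net has address 198.51.100.7
EOF
}

# Print every IPv4 address found in `host` output on stdin, de-duplicated.
# Alias and IPv6 lines are skipped; only "NAME has address A.B.C.D" matches.
extract_ipv4() {
    awk '$2 == "has" && $3 == "address" { print $4 }' | sort -u
}

# gen_rules FIRST_ALLOW_NUMBER DENY_NUMBER
# Reads `host` output on stdin and prints the ipfw commands for review.
# Allow rules must be numbered below the deny rule so they are evaluated first.
gen_rules() {
    n=$1
    deny=$2
    for ip in $(extract_ipv4); do
        if [ "$n" -ge "$deny" ]; then
            echo "more addresses than free rule numbers below $deny" >&2
            return 1
        fi
        echo "ipfw add $n allow tcp from any to $ip"
        n=$((n + 1))
    done
    # Deny only outgoing TCP, so replies to allowed connections still arrive.
    echo "ipfw add $deny deny tcp from any to any out"
}

# With live lookups: host www.google.com | gen_rules 12156 12164
sample_host_output | gen_rules 12156 12164
```

The script only prints the commands; the two names in the sample expand to three allow rules, which is the mismatch between hostnames and rules the answer describes.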