I suspect that's not what you really want. What I think you want is actually a
filter on the virtual terminal ports on the PM or 'the box itself' instead.
Here's why I think that.
Let's say that you want to disable anyone from getting to the virtual terminal
ports from anywhere. So you create your 'global filter' that disables port 23.
But as a side effect, it also prevents through traffic from the dialup users for
any outbound port 23 destination. Seems to me like most people would find that
an undesireable side effect.
In addition to the telnet port on the box, I could see a desire for SNMP, ICMP
ports (for ping and traceroute), portmaster protocol, and maybe others that
don't jump out at me.
Greg
=========================My return addresses are==============================
Greg Merrell Internet: greg@msm.com
MSM Company Internet Services Voice: +1-408-253-0970
Cupertino, CA Fax: +1-408-253-0590
==============================================================================