Re: filters for email only

Michael Hart (michaelh@bluebonnet.net)
Tue, 01 Apr 1997 15:45:21 -0600

Thank you that worked much better. Would it be possible to add
something to this filter
to allow users to bring up webpages at one IP address only.

Thanks
Michael

Jon Rust wrote:
>
> My bad for posting an incomplete filter. Here's the full version:
>
> add filter f1.in
> set filter f1.in 1 permit 0.0.0.0/0 0.0.0.0/0 udp dst eq 53
> set filter f1.in 2 permit 0.0.0.0/0 0.0.0.0/0 udp src eq 53
> set filter f1.in 3 permit 0.0.0.0/0 205.228.248.0/24 tcp dst eq 110
> set filter f1.in 4 permit 0.0.0.0/0 205.228.248.0/24 tcp src eq 110 estab
> set filter f1.in 5 permit 0.0.0.0/0 205.228.248.0/24 udp dst eq 110
> set filter f1.in 6 permit 205.228.248.0/24 0.0.0.0/0 udp src eq 110 estab
> set filter f1.in 7 permit 0.0.0.0/0 205.228.248.0/24 tcp dst eq 25
> set filter f1.in 8 permit 0.0.0.0/0 205.228.248.0/24 tcp src eq 25 estab
> set filter f1.in 9 permit 0.0.0.0/0 205.228.248.0/24 udp dst eq 25
> set filter f1.in 10 permit 205.228.248.0/24 0.0.0.0/0 udp src eq 25 estab
> add filter f1.out
> set filter f1.out 1 permit 0.0.0.0/0 0.0.0.0/0 udp dst eq 53
> set filter f1.out 2 permit 0.0.0.0/0 0.0.0.0/0 udp src eq 53
> set filter f1.out 3 permit 205.228.248.0/24 0.0.0.0/0 tcp src eq 110 estab
> set filter f1.out 4 permit 205.228.248.0/24 0.0.0.0/0 tcp dst eq 110
> set filter f1.out 5 permit 0.0.0.0/0 205.228.248.0/24 udp src eq 110 estab
> set filter f1.out 6 permit 205.228.248.0/24 0.0.0.0/0 udp dst eq 110
> set filter f1.out 7 permit 205.228.248.0/24 0.0.0.0/0 tcp src eq 25 estab
> set filter f1.out 8 permit 205.228.248.0/24 0.0.0.0/0 tcp dst eq 25
> set filter f1.out 9 permit 0.0.0.0/0 205.228.248.0/24 udp src eq 25 estab
> set filter f1.out 10 permit 205.228.248.0/24 0.0.0.0/0 udp dst eq 25
>
> Notice the parts with 25 in it? That's what gotcha.
> jon