Filter ICMP Packets

ed seiler (pman@rcia.com)
Wed, 09 Jul 1997 13:48:03 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jeremy Malli: "Big Problems with pm3_3.5.1b20!"
Previous message: Evan Champion: "Re: Subnet routing"

Hi,
I need to have a general filter ready for emergency use.
Will this filter handle it? I want to let the important stuff thru
but kill off the unimportant things. Allowed is tcp, ftp, news,mail,
and www but deny ping and outgoing packets to own network. I am using a
PM3
with PRI and FracT1 for the two lines.

add filter e
set filter e 1 deny 209.20.159.0/24 0.0.0.0/0
set filter e 2 permit 0.0.0.0.0/0 server/32 tcp estab
set filter e 3 permit 0.0.0.0.0/0 server/32 tcp dst eq ftp
set filter e 4 permit 0.0.0.0.0/0 server/32 tcp src ftp-data dst gt 1023
set filter e 5 permit 0.0.0.0.0/0 server/32 tcp dst eq nntp
set filter e 6 permit 0.0.0.0.0/0 server/32 tcp dst eq smtp
set filter e 7 permit 0.0.0.0.0/0 server/32 tcp dst eq www-http
set filter e 8 permit 0.0.0.0.0/0 server/32 udp dst eq domain
set filter e 9 permit 0.0.0.0.0/0 server/32 tcp dst eq domain
set filter e 10 deny icmp 0
set filter e 11 deny icmp 3
set filter e 12 deny icmp 8
set filter e 13 deny icmp 11
set filter e 14 deny log

set console
ptrace e <- to start filtering or does it start filtering
immediately after typing the line and ptrace
only starts the log?

log information should be in here

ptrace <- to stop filtering
reset console

P.S. Installed 351b20 in the PM3 the other day and it runs perfectly.

-- 
Ed
RCIA  <Relatively Cheap Internet Access>
Redmond, WA

Next message: Jeremy Malli: "Big Problems with pm3_3.5.1b20!"
Previous message: Evan Champion: "Re: Subnet routing"