I am still trying to learn filtering. Could someone
look at this and tell me if it would do what I think
it would do.
With ether0 set to use filter1.out and ether0 being the
Portmaster's path to the internet....
>sho filter filter1.out
1 deny 0.0.0.0/0 0.0.0.0/0 udp dst eq 137 log
2 deny 0.0.0.0/0 0.0.0.0/0 udp dst eq 138 log
eliminate the possiblilty of netbeui garbage being sent out
onto the net from the portmaster by blocking udp/138 and
udp/138 from leaving the portmaster.
3 deny 192.8.100.17/32 0.0.0.0/0 ip log
block a single ip address (192.8.100.17) from being able
able to route packets onto the internet via the portmaster.
4 deny 192.9.200.0/24 0.0.0.0/0 ip log
block a class C .....
5 deny 193.10.0.0/16 0.0.0.0/0 ip log
block a class B .....
6 permit 0.0.0.0/0 0.0.0.0/0 ip
permit everything else
and before someone suggests that I am nutts for wanting to
know how to block an entire class B or C from passing out from the
Portmaster, what if a private network with an addressing scheme
of 193.10.0.0 was using the portmaster for dialup access
to the internet and was concerned about stray packets being
routed out.
Any help/comments would be appreciated.
TIA
Kelly
-- E Kelly Bond ekbond@gnat.net PGP Public Key = http://www.gnat.net/ekbond/pgpkey.html --=====_Eudora-PGP-Plugin1904==_ Content-Type: application/pgp-signature-----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 MessageID: m3ZN+GrmSPMGz0dNsvnYKcGxx2g6MB1U
iQCVAwUBM+Z49CkGsCNP1tzvAQHN4gP+PB38wNZimOcyhL7W2t3nZ9Ong+0CFekT /7JsBFMggHYh1sy1m9V2C6PsSwoCdEO9Zf3YbhmajRusnCo/t+L1ZpSdj+7Czei7 OHu9vhWVIrkbVyNZhtJAErENcl8r+lC4Imo8k3qeqZl5p1OGwbSTtmHikTbqD1e3 M4UHQZIUW/g= =/Jyk -----END PGP SIGNATURE-----
--=====_Eudora-PGP-Plugin1904==_--