The rule I am looking for is basically
deny (not xxx.xxx.xxx.xxx/24) 209.57.124.2/26 tcp dst eq 139
I understand the "things not explicitly permitted are denied" which means
that just rule 6 in the example below would work if I didn't have rules
9 and 10. Rules 9 and 10 are there so that I do not have to pick each
service port individually. Picking individual ports makes for a very
long set of filter rules.
What am I missing here?
Example:
6 permit x.x.x.x/24 y.y.y.y/32 tcp dst eq 139
7 deny 0.0.0.0/0 y.y.y.y/26 udp dst eq 139 log
8 deny 0.0.0.0/0 y.y.y.y/26 tcp dst eq 139 log
9 permit tcp
10 permit udp
mark@woodville.net