So you want it from the SINGLE IP x.x.x.x to the SINGLE IP y.y.y.y, ONLY
if it is TCP, and then ONLY to port 139? And then to deny all other
traffic to port 139?
permit x.x.x.x/32 y.y.y.y/32 tcp dst eq 139
deny 0.0.0.0/0 0.0.0.0/0 dst eq 139 log
First line lets TCP packets from any port on x.x.x.x to port 139 on y.y.y.y.
Second line denies any packets from any host to any host on port 139, and
logs them.
> following example does not work since the packets I want make it
> past rule 6 but get denied by rule 7. Reversing the order of 6 and
Then the packets are not matching your rule 6. If they matched rule 6
it would stop parsing there and never see rule 7 or 8.
>6 permit x.x.x.x/24 y.y.y.y/32 tcp dst eq 139
>7 deny 0.0.0.0/0 y.y.y.y/26 udp dst eq 139 log
>8 deny 0.0.0.0/0 y.y.y.y/26 tcp dst eq 139 log
-MZ
--
Livingston Enterprises - Chair, Department of Interstitial Affairs
Phone: 800-458-9966 510-737-2100  FAX: 510-737-2110  megazone@livingston.com
For support requests: support@livingston.com  <http://www.livingston.com/>
Snail mail: 4464 Willow Road, Pleasanton, CA 94588
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
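The first-match behaviour the reply describes (a packet stops at the first rule it matches, so a packet that reaches rule 8 cannot have matched rule 6) is easy to check with a small evaluator. The following is an added example, not code from the original post or from the PortMaster software. It accepts only the rule subset shown in the thread (permit/deny, source and destination address/mask, optional tcp/udp, optional "dst eq <port>", optional "log"), treats "dst eq" as a destination-port test, and assumes an implicit deny for packets that match no rule. The x.x.x.x and y.y.y.y placeholders are replaced with constructed sample addresses (10.1.2.x on the source side, 192.0.2.x on the destination side); the poster's rules are numbered 6 to 8 so the output lines up with the quoted numbering.

```python
# Added example (not from the original post or from PortMaster): a first-match
# evaluator for filter rules in the syntax used in the thread. Grammar accepted:
#     <permit|deny> <src>/<bits> <dst>/<bits> [tcp|udp] [dst eq <port>] [log]
# Addresses below are constructed stand-ins for the x.x.x.x / y.y.y.y placeholders.
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Rule:
    action: str                     # "permit" or "deny"
    src: ipaddress.IPv4Network      # source address/mask
    dst: ipaddress.IPv4Network      # destination address/mask
    proto: Optional[str]            # "tcp", "udp", or None for any protocol
    dport: Optional[int]            # destination port, or None for any port
    log: bool                       # whether a match would be logged


@dataclass
class Packet:
    src: str
    dst: str
    proto: str
    dport: int


def parse_rule(text: str) -> Rule:
    """Parse one filter line; raises ValueError on tokens outside the subset above."""
    toks = text.split()
    if len(toks) < 3 or toks[0] not in ("permit", "deny"):
        raise ValueError(f"bad rule: {text!r}")
    action, src, dst = toks[0], toks[1], toks[2]
    proto = dport = None
    log = False
    i = 3
    while i < len(toks):
        if toks[i] in ("tcp", "udp"):
            proto = toks[i]
            i += 1
        elif toks[i] == "dst" and i + 2 < len(toks) and toks[i + 1] == "eq":
            dport = int(toks[i + 2])        # "dst eq N" tests the destination port
            i += 3
        elif toks[i] == "log":
            log = True
            i += 1
        else:
            raise ValueError(f"unknown token {toks[i]!r} in rule {text!r}")
    # strict=False so a host address written with a short mask (x.x.x.x/24) is accepted
    return Rule(action, ipaddress.ip_network(src, strict=False),
                ipaddress.ip_network(dst, strict=False), proto, dport, log)


def matches(rule: Rule, pkt: Packet) -> bool:
    return (ipaddress.ip_address(pkt.src) in rule.src
            and ipaddress.ip_address(pkt.dst) in rule.dst
            and (rule.proto is None or rule.proto == pkt.proto)
            and (rule.dport is None or rule.dport == pkt.dport))


def evaluate(rules: List[Rule], pkt: Packet, first: int = 1) -> Tuple[str, Optional[int]]:
    """First match wins: return (action, rule number) of the first matching rule.
    Rules are numbered from `first` so they line up with the numbers in the post.
    A packet matching no rule is reported as ("deny", None): this example assumes
    an implicit deny at the end of the filter."""
    for n, rule in enumerate(rules, first):
        if matches(rule, pkt):
            return rule.action, n
    return "deny", None


# The two-rule filter suggested in the reply, with constructed addresses.
MZ_RULES = [parse_rule(r) for r in (
    "permit 10.1.2.3/32 192.0.2.9/32 tcp dst eq 139",
    "deny 0.0.0.0/0 0.0.0.0/0 dst eq 139 log",
)]

# The poster's rules 6-8 (source written as a /24, destination block as a /26).
OP_RULES = [parse_rule(r) for r in (
    "permit 10.1.2.0/24 192.0.2.9/32 tcp dst eq 139",
    "deny 0.0.0.0/0 192.0.2.0/26 udp dst eq 139 log",
    "deny 0.0.0.0/0 192.0.2.0/26 tcp dst eq 139 log",
)]


if __name__ == "__main__":
    for pkt in (Packet("10.1.2.3", "192.0.2.9", "tcp", 139),    # the wanted flow
                Packet("10.1.9.1", "192.0.2.9", "tcp", 139),    # source outside the /24
                Packet("10.1.2.3", "192.0.2.10", "tcp", 139),   # another host in the /26
                Packet("10.1.2.3", "192.0.2.9", "udp", 139)):   # UDP to the same port
        print(pkt, "->", evaluate(MZ_RULES, pkt), evaluate(OP_RULES, pkt, first=6))
```

Running it shows the point of the reply: the wanted TCP flow stops at the permit rule in both filters, while a source outside the /24 or a destination other than the /32 host falls through to rule 8, and UDP to port 139 stops at rule 7. Whichever rule a packet lands on, nothing after it is consulted.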