>permit x.x.x.x/32 y.y.y.y/32 tcp dst eq 139
>deny 0.0.0.0/0 0.0.0.0/0 dst eq 139 log
>Then the packets are not matching your rule 6. If they matched rule six
>it would stop parsing there and never see rule 7 or 8.
>
>>6 permit x.x.x.x/24 y.y.y.y/32 tcp dst eq 139
>>7 deny 0.0.0.0/0 y.y.y.y/26 udp dst eq 139 log
>>8 deny 0.0.0.0/0 y.y.y.y/26 tcp dst eq 139 log
Actually ALL his hosts on his Class C are matching rule 6, and that is his
problem. Notice he has permit x.x.x.x/24 vice x.x.x.x/32, which was
in MZ's fine example. His rule matches the whole Class C (/24). If he
wants only one host in the source, it's gotta be /32. I'm not sure he
caught that.
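
The /24 versus /32 difference under first-match evaluation, as an added example that is not part of the original message and is not PortMaster code. All addresses are constructed documentation ranges standing in for the elided x.x.x.x and y.y.y.y, and the `Rule`, `first_match`, `build_rules` and `audit` names are hypothetical.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    num: int
    action: str
    src: str
    dst: str
    proto: str
    dport: int

def first_match(rules, src, dst, proto, dport):
    """Return the first rule the packet matches, or None (first match wins)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        # strict=False masks host bits, so 192.0.2.25/24 means 192.0.2.0/24
        if (s in ipaddress.ip_network(r.src, strict=False)
                and d in ipaddress.ip_network(r.dst, strict=False)
                and proto == r.proto and dport == r.dport):
            return r
    return None

def build_rules(permit_src):
    """Rules 6-8 from the thread, with constructed addresses."""
    return [
        Rule(6, "permit", permit_src, "198.51.100.10/32", "tcp", 139),
        Rule(7, "deny", "0.0.0.0/0", "198.51.100.0/26", "udp", 139),
        Rule(8, "deny", "0.0.0.0/0", "198.51.100.0/26", "tcp", 139),
    ]

def audit(permit_src, allowed_host, src_net):
    """List hosts in src_net, other than allowed_host, that get permitted."""
    rules = build_rules(permit_src)
    leaked = []
    for h in ipaddress.ip_network(src_net).hosts():
        hit = first_match(rules, str(h), "198.51.100.10", "tcp", 139)
        if hit and hit.action == "permit" and str(h) != allowed_host:
            leaked.append(str(h))
    return leaked

if __name__ == "__main__":
    # /24 in rule 6: every other host in the source network is permitted too
    print(len(audit("192.0.2.25/24", "192.0.2.25", "192.0.2.0/24")))
    # /32 in rule 6: only the intended host is permitted, the rest hit rule 8
    print(len(audit("192.0.2.25/32", "192.0.2.25", "192.0.2.0/24")))
```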