RE: (PM) Filters -- How do I let one TCP port in from a specific IP while denying others? (fwd)

Mark Radabaugh (mark@woodville.net)
Wed, 26 Nov 1997 12:28:21 -0500

I guess my original post wasn't very clear. What I am trying to do
is allow a PPTP connection (comes in on port 139) to a single machine
on my /26 network (hence the /32) from a single outside network.

The second thing I was trying to do was prevent WinNuke attacks
on my customers (a few Quake players have a problem with this -
I asked them to patch their systems but I still wanted to log the
attempts). That was the point of denying 139 to the /26 network.

I believe MZ may have answered the question with:

>> If they matched rule six it would stop parsing there
>> and never see rule 7 or 8..

I did not realize that packets were not processed by all rules.
Packet processing stops at the first rule that explicitly permits
or denies the packet in the filter?

The first couple rules deny all access to specific (insecure)
machines and block spoofing.

BTW: The Quake guys love this PM-3. Lots of compliments.

Mark Radabaugh
mark@woodville.net
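
The first-match behaviour discussed in this message, as an added example that is not part of the original post and is not PortMaster filter syntax: a small Python evaluator showing that a specific permit only takes effect if it is listed before the broader deny. The addresses (documentation ranges), the rule tuple layout and the implicit default are assumptions; port 139 is taken from the post.

```python
import ipaddress

# Constructed sample networks (documentation ranges, not from the post).
HOST = "192.0.2.10/32"       # the single inside machine (assumed address)
INSIDE = "192.0.2.0/26"      # the /26 customer network (assumed address)
TRUSTED = "198.51.100.0/24"  # the single outside network (assumed address)
ANY = "0.0.0.0/0"

# Rule layout (hypothetical): (action, source net, dest net, dest port, log)
PERMIT_FIRST = [
    ("permit", TRUSTED, HOST, 139, False),  # specific exception
    ("deny", ANY, INSIDE, 139, True),       # broad deny, logged
    ("permit", ANY, ANY, None, False),      # everything else
]
# Same rules with the first two swapped: the broad deny now shadows the permit.
DENY_FIRST = [PERMIT_FIRST[1], PERMIT_FIRST[0], PERMIT_FIRST[2]]


def evaluate(rules, src, dst, dport):
    """Return (action, rule_number, logged) for the first rule that matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for n, (action, src_net, dst_net, port, log) in enumerate(rules, 1):
        if (s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)
                and port in (None, dport)):
            return action, n, log  # parsing stops here; later rules are never seen
    return "deny", None, False     # assumed implicit default when nothing matches


if __name__ == "__main__":
    samples = [  # constructed packets: (source, destination, destination port)
        ("198.51.100.7", "192.0.2.10", 139),  # trusted net to the one host
        ("203.0.113.5", "192.0.2.10", 139),   # untrusted net to the same host
        ("198.51.100.7", "192.0.2.20", 139),  # trusted net to another customer
    ]
    for name, rules in (("permit first", PERMIT_FIRST), ("deny first", DENY_FIRST)):
        for pkt in samples:
            print(name, pkt, evaluate(rules, *pkt))
```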
