> So neither icmp nor POP3 will reset the idle timer, also have an
> option in the filters (such as a special keyword) which you could
> put in which ComOS would replace with the user's current ip. This
> would also allow you to setup filters which prevent users from ip
> spoofing:
Amen. This is very important, but I could see how it might get
CPU intensive. I'd also like to see which port a packet that got
filtered came from, be entered in the logs if you have logging
turned on for that rule. Right now, you can log spoof attempts
from outside your netblock, but have no way knowing who made the
attempt. In most cases, it's a misconfiguration on the customer's
end instead of an intentional spoof. Either way, it would be great
to have a way to tell who it is.
Logan Ashby http://web.texramp.net
lashby@texramp.net sysadmin@texramp.net
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.