I've tried every variation I can think of but here's the basic filter:
1 deny 0.0.0.0/0 0.0.0.0/0 udp src eq 137
2 deny 0.0.0.0/0 0.0.0.0/0 udp src eq 138 (these two rules due to windows)
3 permit 207.215.203.192/26 0.0.0.0/0
We put this filter on the input of the ethernet and it should (to my simpleton
way of thinking) only pass the address range we want into the box.
However, a packet trace shows the following merrily passing through the filter:
UDP from 192.168.120.70.137 to 192.168.120.255.137
UDP from 192.168.120.70.137 to 192.168.120.255.137
UDP from 192.168.120.68.137 to 255.255.255.255.138
UDP from 192.168.120.70.138 to 192.168.120.255.138
>From the .255 address in the destination I have to wonder if the PM-2 just
doesn't filter broadcast messages??? Am I missing something?
Thanks in advance,
Oscar Erickson
-- Sine Wave Solutions, LLC - The ultimate internet solution. Phone (510) 970-7448, FAX (510) 970-6080 - To unsubscribe, email 'majordomo@livingston.com' with 'unsubscribe portmaster-users' in the body of the message. Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>