Re: (PM) A problem with filters

Stephen Fisher (lithium@cia-g.com)
Mon, 23 Feb 1998 19:21:35 -0700

You probably want to filter udp dst eq 137 and 138 (and 139?) since that is
the port that it actually goes to. When a connection is established (well,
with tcp - with udp a packet is just sent) it goes to the port 23 for
telnet, 80 for http, etc. but comes from any port number > 1024 on the
source machine.

On Mon, Feb 23, 1998 at 05:29:06PM -0800, Sine Wave Surfmaster wrote:

..
> I've tried every variation I can think of but here's the basic filter:
>
> 1 deny 0.0.0.0/0 0.0.0.0/0 udp src eq 137
> 2 deny 0.0.0.0/0 0.0.0.0/0 udp src eq 138 (these two rules due to windows)
> 3 permit 207.215.203.192/26 0.0.0.0/0
..

-- 
 - Steve
  - Systems Manager
  - Community Internet Access, Inc.
  - Gallup and Grants, New Mexico
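
The difference between the two rule forms discussed in this thread, as an added example that is not part of the original messages: a simplified first-match evaluator (not ComOS itself) run over constructed packets. The helper names, the packet addresses and ports, and the deny-when-nothing-matches default are assumptions.

```python
import ipaddress

# The filter quoted in the thread (rule numbers dropped).
SRC_FILTER = """deny 0.0.0.0/0 0.0.0.0/0 udp src eq 137
deny 0.0.0.0/0 0.0.0.0/0 udp src eq 138
permit 207.215.203.192/26 0.0.0.0/0"""
# Same filter with the port test on the destination, as the reply suggests.
DST_FILTER = SRC_FILTER.replace("udp src eq", "udp dst eq")

def parse(text):
    """Parse 'action src/len dst/len [proto src|dst eq port]' lines."""
    rules = []
    for line in text.splitlines():
        f = line.split()
        rule = {"action": f[0], "src": ipaddress.ip_network(f[1]),
                "dst": ipaddress.ip_network(f[2]), "proto": None}
        if len(f) == 7 and f[5] == "eq":
            rule.update(proto=f[3], side=f[4], port=int(f[6]))
        rules.append(rule)
    return rules

def evaluate(rules, p):
    """First matching rule wins; no match means deny (assumed default)."""
    for r in rules:
        if (ipaddress.ip_address(p["src"]) not in r["src"]
                or ipaddress.ip_address(p["dst"]) not in r["dst"]):
            continue
        if r["proto"] and (p["proto"] != r["proto"]
                           or p[r["side"] + "_port"] != r["port"]):
            continue
        return r["action"]
    return "deny"

def pkt(proto, src_port, dst_port, src="207.215.203.200", dst="192.0.2.10"):
    """Build a constructed packet; default addresses are sample values."""
    return dict(src=src, dst=dst, proto=proto, src_port=src_port, dst_port=dst_port)

# Constructed packets: a client inside the /26 talking to an outside host.
PACKETS = {
    "udp 137 -> 137": pkt("udp", 137, 137),
    "udp 1025 -> 137": pkt("udp", 1025, 137),
    "udp 1026 -> 138": pkt("udp", 1026, 138),
    "tcp 1027 -> 23": pkt("tcp", 1027, 23),
}

def compare():
    """Return {packet: (verdict with src rules, verdict with dst rules)}."""
    s, d = parse(SRC_FILTER), parse(DST_FILTER)
    return {n: (evaluate(s, p), evaluate(d, p)) for n, p in PACKETS.items()}
```

`compare()` returns both verdicts per packet: the datagrams sent from a high source port fall through the source-port rules to the permit, while the destination-port rules deny them.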