Re: (PM) Filtering Traffic on IRX

Josh Richards (jrichard@livingston.com)
Fri, 8 May 1998 17:34:40 -0700 (PDT)

On 8 May 1998, <?> wrote:

> I cannot figure out how to set up a packet filter to stop traffic going
> to a specific ip, from anywhere within our system.
>
> The filter commands I issued were:
>
> add filter i
> set filter i 1 deny 0.0.0.0/0 x.x.x.x/24

You said you want to block traffic to a single IP, but this says you want
to block it to an entire /24?

If you want to block packets addressed to 192.168.1.25, sourced from any
host, try something like:

1 deny 0.0.0.0/0 192.168.1.25/32

The /32 means a single IP address.

> set console
> ptrace i

The other problem is that you are using this filter with a ptrace which
means "packet trace". It is used for debugging and does not block
packets. What you are telling the PM to do is display all packets to the
console, except for ones matching that rule. Nothing is going to be
blocked from being sent.

You need to apply the filter to an interface. Whether this is a wX, sX,
or etherX interface will depend on your network topology. This will also
determine whether it is to be an input or output filter. Please take a
look at the manual in the section on filters, if this still does not make
sense to you.

--jr

----
Josh Richards - <jrichard@livingston.com> - [Beta Engineer]
LUCENT Technologies - Remote Access Business Unit
(formerly Livingston Enterprises, Inc.)
http://www.livingston.com/
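
Added example, not part of the original message and not Livingston code: a small Python check of how many destinations the /24 form of the rule covers compared with the /32 form. It models only the source/destination address match of a rule written as in the message. The 192.168.1.25/24 destination is a constructed stand-in for the poster's x.x.x.x/24, and the packet list is constructed sample data.

```python
import ipaddress

def parse_rule(text):
    """Parse '<n> permit|deny <src>/<len> <dst>/<len>' as written in the message."""
    num, action, src, dst = text.split()
    if action not in ("permit", "deny"):
        raise ValueError("unknown action: " + action)
    # strict=False accepts a host address with a short prefix (192.168.1.25/24)
    # and masks off the host bits, which is how such a rule ends up over-broad.
    return (int(num), action,
            ipaddress.ip_network(src, strict=False),
            ipaddress.ip_network(dst, strict=False))

def matches(rule, src, dst):
    """True when both addresses of a packet fall inside the rule's networks."""
    _, _, src_net, dst_net = rule
    return (ipaddress.ip_address(src) in src_net
            and ipaddress.ip_address(dst) in dst_net)

def denied_destinations(rule_text, packets):
    """Destinations from the sample packets that a deny rule would match."""
    rule = parse_rule(rule_text)
    if rule[1] != "deny":
        return []
    return [dst for src, dst in packets if matches(rule, src, dst)]

def destination_count(rule_text):
    """Number of destination addresses the rule covers."""
    return parse_rule(rule_text)[3].num_addresses

# Constructed sample traffic as (source, destination) pairs.
PACKETS = [
    ("10.0.0.5", "192.168.1.25"),
    ("10.0.0.5", "192.168.1.26"),
    ("172.16.4.9", "192.168.1.200"),
    ("10.0.0.5", "192.168.2.25"),
]

BROAD = "1 deny 0.0.0.0/0 192.168.1.25/24"   # stand-in for x.x.x.x/24
NARROW = "1 deny 0.0.0.0/0 192.168.1.25/32"  # the rule suggested in the reply

if __name__ == "__main__":
    for rule in (BROAD, NARROW):
        print(rule)
        print("  destinations covered:", destination_count(rule))
        print("  sample packets denied:", denied_destinations(rule, PACKETS))
```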
