Well, I thought I had all of that working as well. In fact, I let the
filtered user get to any mailserver, and dns they want. They just cant do
anything else. Here's the filter I used. Maybe you can explain what I've
done wrong here.
emo.in
1 permit 0.0.0.0/0 0.0.0.0/0 udp dst eq 53
2 permit 0.0.0.0/0 0.0.0.0/0 tcp dst eq 25
3 permit 0.0.0.0/0 0.0.0.0/0 tcp dst eq 110
4 permit 0.0.0.0/0 0.0.0.0/0 tcp dst eq 113
5 permit 0.0.0.0/0 0.0.0.0/0 udp dst eq 113
6 permit 0.0.0.0/0 0.0.0.0/0 icmp
emo.out
1 permit 0.0.0.0/0 0.0.0.0/0 udp src eq 53
2 permit 0.0.0.0/0 0.0.0.0/0 tcp src eq 25
3 permit 0.0.0.0/0 0.0.0.0/0 tcp src eq 110
4 permit 0.0.0.0/0 0.0.0.0/0 tcp src eq 113
5 permit 0.0.0.0/0 0.0.0.0/0 udp src eq 113
6 permit 0.0.0.0/0 0.0.0.0/0 icmp
P.S. Sorry about any 'private' email some of you may have gotten from me. I
didn't pay any attention to where the replies were going. Kind of explains
why none of my earlier posts never made it. :)
-=)> Robert Hough (rch@iserve.net)
-=)> Computer Specialists, Inc.
-=)> http://www.csinc.net
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>