Re: (PM) Dialup ISDN w/ORU Problems

Robert Boyle (robert@garden.net)
Sun, 14 Jun 1998 17:59:22 -0400

At 05:35 PM 6/14/98 -0400, you wrote:
>Can I use these filters if I'm telnetted into the router from the
>outside? Probably not. I should dial into it, I presume?

Sure. You can use ptrace for any filter over a telnet session as long as
you add a filter that denies your telnet session info. In the example
below, that is what the first two filters do. The first denies all traffic
from the router out, the second denies all traffic inbound to the router.
Remember you do not want to apply this to any ports! Simply run ptrace with
the filter name as the argument.

-Robert

>On Sun, 14 Jun 1998, Jason Marshall wrote:
>> xxxxx> sh filter everything
>> 1 deny aaa.bbb.ccc.1/32 0.0.0.0/0 ip
>> 2 deny 0.0.0.0/0 aaa.bbb.ccc.1/32 ip
>> 3 permit 0.0.0.0/0 0.0.0.0/0 tcp
>> 4 permit 0.0.0.0/0 0.0.0.0/0 udp
>> 5 permit 0.0.0.0/0 0.0.0.0/0 icmp
>>
>> (rule 3 could be set to "permit" negating the need for 4 and 5, but I
>> prefer to be explicit wherever I can)
>>
>> Where aaa.bbb.ccc.1 is the address of the OR-u itself (make sure you
>> already know it's not the OR-u doing the talking *8-). If you want to see
>> if it's the router doing the talking, set up another filter called
>> something else, and make it look like this:

Robert Boyle Server Co-location,
Garden Networks Internet Access,
50 Diller Ave Development & Consulting
Newton, NJ 07860 (973)300-9211 Ext.103
8AM-8PM Mon-Fri EST http://www.garden.net
Lucent RABU & Software.Com Post.Office VAR
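
Added example, not part of the original thread: a small Python model of how the quoted "everything" filter selects packets for ptrace, assuming rules are checked in order with the first match deciding and that a packet matching no rule is not shown. 192.0.2.1 stands in for aaa.bbb.ccc.1, and the sample packets and function names are constructed for illustration.

```python
import ipaddress

ROUTER = "192.0.2.1"  # constructed stand-in for the post's aaa.bbb.ccc.1

# The "everything" filter as shown in the quoted message.
FILTER_EVERYTHING = f"""\
1 deny {ROUTER}/32 0.0.0.0/0 ip
2 deny 0.0.0.0/0 {ROUTER}/32 ip
3 permit 0.0.0.0/0 0.0.0.0/0 tcp
4 permit 0.0.0.0/0 0.0.0.0/0 udp
5 permit 0.0.0.0/0 0.0.0.0/0 icmp
"""

def parse_filter(text):
    """Parse 'N action src/len dst/len proto' lines into ordered rules."""
    rules = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 5 or fields[1] not in ("permit", "deny"):
            raise ValueError(f"unrecognised rule: {line!r}")
        num, action, src, dst, proto = fields
        rules.append((int(num), action, ipaddress.ip_network(src),
                      ipaddress.ip_network(dst), proto))
    return sorted(rules, key=lambda r: r[0])

def traced(rules, src, dst, proto):
    """Return (shown, rule_number) for one packet; first match decides."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for num, action, snet, dnet, rproto in rules:
        if s in snet and d in dnet and rproto in ("ip", proto):
            return action == "permit", num
    return False, None  # assumption: a packet matching no rule is not shown

# Constructed sample packets: (source, destination, protocol).
PACKETS = [
    ("198.51.100.7", ROUTER, "tcp"),         # admin's telnet to the router
    (ROUTER, "198.51.100.7", "tcp"),         # router's telnet replies
    ("192.0.2.50", "203.0.113.9", "tcp"),    # dial-up user traffic
    ("192.0.2.50", "203.0.113.53", "udp"),
    ("192.0.2.50", "203.0.113.9", "icmp"),
    ("192.0.2.50", "203.0.113.9", "gre"),    # not tcp/udp/icmp
]

def run():
    rules = parse_filter(FILTER_EVERYTHING)
    return [traced(rules, *pkt) for pkt in PACKETS]

if __name__ == "__main__":
    for pkt, (shown, num) in zip(PACKETS, run()):
        print(pkt, "shown" if shown else "hidden", "rule", num)
```

The two telnet packets stop at rules 2 and 1, so the trace output carried over the telnet session never appears in the trace itself.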
