> Hi,
>
> You must not forget that if there is even one rule
> and it's not empty, everything not permitted at
> the end, is implied to be forbidden.
> As a last rule are you permitting 0.0.0.0/0 0.0.0.0/0 IP ?
Why would you want to permit any source IP? If you're going to the
trouble of making a filter, and you don't have a ridiculous number of CIDR
blocks, then only allow the subset of possibly valid source addresses.
------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Spammers will be winnuked or
Network Administrator | drawn and quartered...whichever
Florida Digital Turnpike | is more convenient.
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>