Here we do it the other way, because we had some complaints about
NetMeeting, PcAnywhere etc.
So instead of permit1, permit2, permitx logic, we do deny1, deny2, deny3,
permit all the rest.
Regards,
Stavros N. Bairactaris
Administrator@smartnet.gr
SmartNet Internet Service Provider
Data: +30 1 9531601 (POP1)
+30 1 9530260 (POP2)
ISDN: Starting September 1 1998
Voice: +30 1 9578784-5
Cellular: Call voice #, ask for cellular #
-----Original Message-----
From: Jon Lewis [mailto:jlewis@inorganic5.fdt.net]
Sent: Δευτέρα, 13 Ιουλίου 1998 3:00 πμ
To: Stavros N. Bairactaris
Cc: Portmaster-Users; Andy Kirkham
Subject: RE: (PM) pm3 filters
On Mon, 13 Jul 1998, Stavros N. Bairactaris wrote:
> Hi,
>
> You must not forget that if there is even one rule
> and it's not empty, everything not permitted at
> the end, is implied to be forbidden.
> As a last rule are you permitting 0.0.0.0/0 0.0.0.0/0 IP ?
Why would you want to permit any source IP? If you're going to the
trouble of making a filter, and you don't have a ridiculous number of CIDR
blocks, then only allow the subset of possibly valid source addresses.
------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Spammers will be winnuked or
Network Administrator | drawn and quartered...whichever
Florida Digital Turnpike | is more convenient.
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>