(PM) Filter question

Joel Mello (jmello@azop.net)
Wed, 17 Feb 1999 19:36:02 -0800

Hello,
I am trying to create an incoming filter for our Internet connection,
however I have a question before I create it. The filter will only allow
connections to a few ports (FTP, WWW, smtp, dns, telnet, etc) on our
servers. By implementing this filter however, won't it immediately
disallow any connections to our dial up users' computers (unless I specify
each and every IP in the dial up pool, and the protocols and ports that can
be used)? In other words, say a dial up user fires up mIRC (which runs an
Identd server that listens on port 113), or any other program that opens a
port for listening on their computer. The filter should deny any packets
_sent_ (connection attempts, etc) to those listening ports from anyone else
on the net, unless I add a line similar to:
set filter Internet.in 1 permit 0.0.0.0/0 0.0.0.0/0 tcp
for every IP that is in the dial up pool, right? Is there a way to make my
filter allow connections to any/all ports for all the IPs in the pool
(which is from .64 to .99, and from .193 to .239)?

Thanks in advance,

-Joel
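
The two pool ranges in the question do not fall on a single netmask boundary, so covering them exactly takes several address/mask pairs. The following is an added example, not part of the original message or of any Livingston documentation: it computes the minimal set of CIDR blocks for .64 to .99 and .193 to .239 and prints one permit rule per block. The network prefix 192.0.2 is a placeholder (the message gives only the last octets), and the rule text reuses the shape of the line quoted in the message, assuming the second address field is the destination.

```python
import ipaddress

# Assumption: the message gives only the last octets of the pool, so this
# prefix is a documentation placeholder (RFC 5737), not the real network.
POOL_NET = "192.0.2"
POOL_RANGES = [(64, 99), (193, 239)]  # last-octet ranges from the message


def pool_cidrs(net=POOL_NET, ranges=POOL_RANGES):
    """Return the minimal list of CIDR blocks that exactly covers the pool."""
    blocks = []
    for first, last in ranges:
        lo = ipaddress.IPv4Address(f"{net}.{first}")
        hi = ipaddress.IPv4Address(f"{net}.{last}")
        # summarize_address_range yields the fewest aligned blocks for lo..hi
        blocks.extend(ipaddress.summarize_address_range(lo, hi))
    return blocks


def filter_rules(name="Internet.in", start=1, proto="tcp"):
    """One permit rule per block, in the shape of the rule in the message.

    Assumption: fields are <source/mask> <destination/mask> <protocol>.
    """
    return [
        f"set filter {name} {start + i} permit 0.0.0.0/0 {block} {proto}"
        for i, block in enumerate(pool_cidrs())
    ]


def covered_octets():
    """Last octets matched by the generated blocks, to confirm that no
    address outside the pool (for example a server) is permitted."""
    return sorted(int(addr) & 0xFF for block in pool_cidrs() for addr in block)


if __name__ == "__main__":
    for rule in filter_rules():
        print(rule)
```

The eight blocks match the pool addresses and nothing else, so the servers stay covered only by the per-port rules.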
