Re: (PM) Filter Help

John G. Thompson (jgt10@livingston.com)
Wed, 24 Feb 1999 16:21:50 -0800

At 05:05 PM 02/23/99 -0800, Arvo Koppel Admin wrote:
>Hi Folks
>
>I am trying to set up some user filters to deny access to certain ports,
>specifically ports that are used by Back Orifice and the like.
>
>We have a PM2 using ComOS 3.7; the filter installed is a user filter
>as shown below:
>
>nobo.out
>
> 1 permit 0.0.0.0/0 0.0.0.0/0 udp dst eq 53
> 2 permit 0.0.0.0/0 0.0.0.0/0 tcp dst eq 53

[snip]

>We also have an empty nobo.in filter which will also contain permit/deny
>rules once the one above is functional.

Definitely remove the nobo.in filter.

>For some reason DNS responses are not getting back to the user.
>They (I) can do anything as long as I use the numbered IP address.

The sense of .in and .out is based on the network interface. In the case
above the nobo.out filter is applied to all traffic going OUT of the
network interface TO the remote machine.

I think if you make the nobo.out the nobo.in filter you will find that DNS and
everything else will work.

Hope that helps!

JGT
---------------------------------------------------------------------------
John G. Thompson Technical Support STAFF Engineer aka JOAT(MON)

---==####==---Lucent Technologies Remote Access Business Unit---==####==---
4464 Willow Road ftp://ftp.livingston.com/ Tel: (800) 458-9966
Pleasanton, CA 94588 http://www.livingston.com/ Fax: (925) 737-2110
---------------------------------------------------------------------------
******* The solution to any problem lies in its proper definition. *******
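
The direction issue described in this reply, as an added sketch that is not part of the original message and is not ComOS code: it runs one DNS lookup through the two rules visible in the post, attached first as nobo.out and then as nobo.in. Assumptions: first-match evaluation with unmatched packets denied, no filtering in a direction with no filter attached, and a constructed client port of 1025.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "proto src_port dst_port")
Rule = namedtuple("Rule", "action proto dst_port")

# The two rules visible in the post (the rest of nobo.out was snipped).
NOBO_RULES = [
    "1 permit 0.0.0.0/0 0.0.0.0/0 udp dst eq 53",
    "2 permit 0.0.0.0/0 0.0.0.0/0 tcp dst eq 53",
]

def parse_rule(line):
    """Parse '<n> permit|deny <src> <dst> <proto> dst eq <port>'."""
    fields = line.split()
    if fields and fields[0].isdigit():      # drop the leading rule number
        fields = fields[1:]
    if len(fields) != 7 or fields[4:6] != ["dst", "eq"]:
        raise ValueError("unsupported rule: " + line)
    # Both address fields are 0.0.0.0/0 (match anything), so they are not modelled.
    return Rule(fields[0], fields[3], int(fields[6]))

def evaluate(rules, pkt):
    """First matching rule wins; unmatched packets are denied (assumption)."""
    for rule in rules:
        if rule.proto == pkt.proto and rule.dst_port == pkt.dst_port:
            return rule.action == "permit"
    return False

def passes(attached, direction, pkt):
    """attached maps 'in'/'out' to a rule list; a missing key means no filter."""
    rules = attached.get(direction)
    return True if rules is None else evaluate(rules, pkt)

def dns_round_trip(attached, client_port=1025):
    """Follow one UDP lookup across the dial-up user's interface."""
    query = Packet("udp", client_port, 53)      # user -> resolver: INTO the interface
    response = Packet("udp", 53, client_port)   # resolver -> user: OUT of the interface
    return {"query": passes(attached, "in", query),
            "response": passes(attached, "out", response)}

rules = [parse_rule(line) for line in NOBO_RULES]

if __name__ == "__main__":
    # As nobo.out the response (dst port 1025) matches no rule and is dropped.
    print("rules as nobo.out:", dns_round_trip({"out": rules}))
    print("rules as nobo.in: ", dns_round_trip({"in": rules}))
```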