Re: ipf question

From: Erick Mechler (emechler_at_techometer.net)
Date: 01/19/05

  • Next message: Rudolf Polzer: "Re: ipf question"
    Date: Wed, 19 Jan 2005 10:01:31 -0800
    To: "Sherman, Michael (GE Energy)" <michael.sherman@og.ge.com>
    
    

    :: pass in quick on xl0 proto tcp/udp from any to any port 137 <> 139 keep
    :: state

    This line allows in all tcp and udp ports less than 137 and greater than
    139, which is exactly what you don't want :) If you want to allow all
    ports 137-139 inclusive, you need to change it to

      ... port 136 >< 140 keep state

    The < and > operators are not inclusive.

    Cheers - Erick
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


  • Next message: Rudolf Polzer: "Re: ipf question"

    Relevant Pages

    • Re: system-config-printer cant find my remote printer ??
      ... Both TCP and UDP ports 631 are open, on both machines. ... Clemson University Math Sciences ...
      (Fedora)
    • UDP Port Forwarding
      ... Diese Software benötigt, ... UDP Ports 5198 und 5199 direkt durch den Proxy an meinen ... Client weitergeleitet werden und eine TCP Verbindung ... Das mit dem TCP Port 5200 hatte ich recht schnell raus. ...
      (microsoft.public.de.german.isaserver)
    • Re: list port are listen
      ... port numbers for all programs listening on TCP or UDP ports, ... with the program/PID for each entry. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
      (Debian-User)
    • Re: ssh-tunnel with gnomemeeting?
      ... > What ports does GnomeMeeting use for H.323? ... > 1720 TCP for the H.225 channel. ... > UDP ports between 5000 and 5003 for audio and video. ...
      (comp.security.ssh)
    • Re: Spyware eConnect for Computer Fraud passed the Firewall
      ... Duane Arnold wrote: ... > 1) BID's firewall can accept or reject traffic by specified IPon TCP ... > or UDP ports. ...
      (comp.security.misc)