Re: ipf question
From: Erick Mechler (emechler_at_techometer.net)
Date: 01/19/05
- Previous message: Garrett Wollman: "Kerberos ticket passing"
- In reply to: Sherman, Michael (GE Energy): "ipf question"
- Next in thread: Rudolf Polzer: "Re: ipf question"
- Reply: Rudolf Polzer: "Re: ipf question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 19 Jan 2005 10:01:31 -0800 To: "Sherman, Michael (GE Energy)" <michael.sherman@og.ge.com>
:: pass in quick on xl0 proto tcp/udp from any to any port 137 <> 139 keep
:: state
This line allows in all tcp and udp ports less than 137 and greater than
139, which is exactly what you don't want :) If you want to allow all
ports 137-139 inclusive, you need to change it to
... port 136 >< 140 keep state
The < and > operators are not inclusive.
Cheers - Erick
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Garrett Wollman: "Kerberos ticket passing"
- In reply to: Sherman, Michael (GE Energy): "ipf question"
- Next in thread: Rudolf Polzer: "Re: ipf question"
- Reply: Rudolf Polzer: "Re: ipf question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
