[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: cannot use port and neither tcp or udp
From: Remco Post <r.post () sara ! nl>
Date: 2002-11-22 9:30:54
[Download RAW message or body]
the difference is that proto can also be icmp or any of the less
frequently used proto's usable on ip (ip in ip for tunnels eg). Since
these cannot do ports, there is no such thing in icmp, port cannot be
used with these proto's....
On vrijdag, november 22, 2002, at 01:20 , Bruce Ordway wrote:
> OOPs!
> That should be:
>
> block in log quick on fxp0 from any to any port = 0
> block in log quick on fxp0 proto tcp/udp from any to any port = 0
>
> -----Original Message-----
> From: Bruce Ordway [mailto:bruceo@vikingeng.com]
> Sent: Thursday, November 21, 2002 6:12 PM
> To: 'ipfilter@coombs.anu.edu.au'
> Subject: cannot use port and neither tcp or udp
>
>
> Hi,
>
> I have a working FreeBSD 4.3 firewall.
> I'm rebuilding the ipfilter rules on a new install of FreeBSD 4.7.
> I was going to use the same rules but I've run into a little snag.
>
> This rule works on the old system:
> block in log quick on fxp0 from any to any port = 0
> but on the new system generates this error:
> cannot use port and neither tcp or udp
>
> If I change the rule to this:
> block in log quick of fxp0 proto tcp/udp from any to any port = 0
> Then I don't get an error.
>
> Can anybody tell me what may have changed?
> And, are these two rules doing the same thing?
>
> Thanks,
> Bruce Ordway
>
--
Met vriendelijke groeten,
Remco Post
SARA - Stichting Academisch Rekencentrum Amsterdam http://www.sara.nl
High Performance Computing Tel. +31 20 592 8008 Fax. +31 20 668 3167
PGP keys at http://home.sara.nl/~remco/keys.asc
"I really didn't foresee the Internet. But then, neither did the computer
industry. Not that that tells us very much of course - the computer
industry
didn't even foresee that the century was going to end." -- Douglas Adams
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic