List: ipfilter
Subject: keep state
From: John Wojtowicz <wojtowij () tcs-sec ! com>
Date: 1999-05-27 10:16:07
Just attempting to verify something that I think is correct:
given two separate rulesets:

1).
    block in all
    block out all
    pass out tcp any port > 1023 to any port = 25 keep state

2).
    block in all
    block out all
    pass out tcp any port > 1023 to any port = 25
    pass in tcp any port = 25 to any port > 1023 flags A/A

Is 1. a valid substitute for 2. if you're concerned about sequence,
as well as only allowing outgoing connections? Is there any reason
NOT to use 1. rather than 2.?
John
--
John Wojtowicz, Secure Systems Engr. ph: (703) 318-7134
Trusted Computer Solutions, Inc. fax: (703) 318-5041
13873 Park Center Rd. Suite 225 email: jwojtowicz@tcs-sec.com
Herndon, VA 20171 http://www.tcs-sec.com/
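
Added example (not part of the original message, and not IPFilter's own code): a simplified Python model of the two rulesets above, run over constructed packets to show which inbound packets each one passes. The model keys state on the address/port 4-tuple only; the class names, addresses and sample packets are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Pkt:
    direction: str      # "in" or "out"
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset    # TCP flags, e.g. frozenset("SA")

def out_rule(p):
    # pass out tcp any port > 1023 to any port = 25
    return p.direction == "out" and p.sport > 1023 and p.dport == 25

class Ruleset1:
    """block in/out all + 'pass out ... keep state' (simplified state table)."""
    def __init__(self):
        self.states = set()
    def passes(self, p):
        if out_rule(p):
            self.states.add((p.src, p.sport, p.dst, p.dport))
            return True
        # Inbound is passed only as the reverse of a recorded outbound flow.
        return p.direction == "in" and (p.dst, p.dport, p.src, p.sport) in self.states

class Ruleset2:
    """block in/out all + stateless 'pass in ... flags A/A'."""
    def passes(self, p):
        if out_rule(p):
            return True
        return (p.direction == "in" and p.sport == 25 and p.dport > 1023
                and "A" in p.flags)

# Constructed sample traffic (documentation addresses, not from the post).
HOST, MAIL, OTHER = "192.0.2.10", "198.51.100.25", "203.0.113.7"
TRAFFIC = [
    ("outbound SYN to mail server", Pkt("out", HOST, 40000, MAIL, 25, frozenset("S"))),
    ("SYN/ACK reply from mail server", Pkt("in", MAIL, 25, HOST, 40000, frozenset("SA"))),
    ("ACK from port 25, no outbound flow", Pkt("in", OTHER, 25, HOST, 6000, frozenset("A"))),
    ("bare SYN from port 25", Pkt("in", OTHER, 25, HOST, 6000, frozenset("S"))),
]

def compare():
    r1, r2 = Ruleset1(), Ruleset2()
    return [(label, r1.passes(p), r2.passes(p)) for label, p in TRAFFIC]

if __name__ == "__main__":
    for label, a, b in compare():
        print(f"{label:36} 1={'pass' if a else 'block'} 2={'pass' if b else 'block'}")
```

The third packet is where the models differ: the stateless `flags A/A` rule passes it because it only inspects ports and the ACK bit, while the state table has no matching outbound flow.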