This is a discussion on Re: ipfilter vs nintendo DS within the IPFilter forums, part of the System Security and Security Related category.
Re: ipfilter vs nintendo DS

David Hough running ipfilt wrote:
> pass in log quick proto tcp from any port = 80 to 10.0.2.0/24 port > 1023 group 100
> pass out log quick proto tcp from any port = 80 to 10.0.2.0/24 port > 1023 group 151
> pass in log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 80 group 101
> pass out log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 80 group 150

This is normal HTTP traffic. I suspect if you add keep state to the last two rules you shouldn't need the first two.

> pass in log quick proto tcp from any port = 443 to 10.0.2.0/24 port > 1023 group 100
> pass out log quick proto tcp from any port = 443 to 10.0.2.0/24 port > 1023 group 151
> pass in log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 443 group 101
> pass out log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 443 group 150

Again - add keep state to the second two rules and I think it should suffice for the first two rules.

> pass in log quick proto tcp from any port = 29900 to 10.0.2.0/24 port > 1023 group 100
> pass out log quick proto tcp from any port = 29900 to 10.0.2.0/24 port > 1023 group 151
> pass in log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 29900 group 101
> pass out log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 29900 group 150

Same thing here.

Looks like it wants to make outgoing connections on 80, 443, and 29900. Nothing terribly unusual about that.
-- 
Phil Dibowitz                             phil@ipom.com
Open Source software and tech docs        Insanity Palace of Metallica
http://www.phildev.net/                   http://www.ipom.com/

"Never write it in C if you can do it in 'awk';
 Never do it in 'awk' if 'sed' can handle it;
 Never use 'sed' when 'tr' can do the job;
 Never invoke 'tr' when 'cat' is sufficient;
 Avoid using 'cat' whenever possible"
 -- Taylor's Laws of Programming

(OpenPGP signature omitted.)
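Added example, not part of the original thread and not taken from the IPFilter documentation: David's HTTP rules rewritten the way Phil suggests, with keep state on the two LAN-originated rules so the two "from any port = N" rules can be dropped. The interface names (int0 facing 10.0.2.0/24, ext0 upstream) and the four head rules are assumptions; the post does not show them, only the group numbers. The "before" rules are David's as posted and are included for contrast only; load one set or the other, not both.

```conf
# Added example (not from the original post or from IPFilter itself).
# Assumed layout: int0 is the LAN interface (10.0.2.0/24), ext0 is the
# upstream interface. Group numbers follow David's rules; the head rules
# themselves are guesses, since the post does not show them.

block in  quick on ext0 all head 100
block in  quick on int0 all head 101
block out quick on ext0 all head 150
block out quick on int0 all head 151

# --- Before (as posted): one stateless rule per direction. The two
# "from any port = 80" rules match on source port alone, so any remote
# host sending from port 80 to a high port on the LAN is passed whether
# or not a DS ever opened a connection to it.
pass in  log quick proto tcp from any port = 80 to 10.0.2.0/24 port > 1023 group 100
pass out log quick proto tcp from any port = 80 to 10.0.2.0/24 port > 1023 group 151
pass in  log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 80 group 101
pass out log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 80 group 150

# --- After: keep state on the LAN-originated rules only. "flags S" means
# only a SYN (no ACK) creates the state entry; the replies from port
# 80/443/29900 are then passed by the state table, so the "from any
# port = N" rules are no longer needed. An unsolicited packet with source
# port 80 now falls through to the block heads above.
pass in  log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 80    flags S keep state group 101
pass out log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 80    flags S keep state group 150
pass in  log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 443   flags S keep state group 101
pass out log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 443   flags S keep state group 150
pass in  log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 29900 flags S keep state group 101
pass out log quick proto tcp from 10.0.2.0/24 port > 1023 to any port = 29900 flags S keep state group 150
```

State is needed on both the inbound (int0) and outbound (ext0) rules because IPFilter tracks the interface in the state entry; that is why Phil says to add keep state to both of the last two rules rather than just one. After loading the new set, `ipfstat -sl` lists the live state entries, so you can confirm that a DS connection to port 29900 creates one and that the reply traffic is being matched by state rather than by a pass rule.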