This is a discussion on Re: IPFilter 4.1.13 on Solaris 8 ... What am I missing? within the IPFilter forums, part of the System Security and Security Related category.
boxyzzy@netscape.net wrote:
> ...
> Refer to ipstat display below.
> The packets are blocked as described above with or w/o statements 46,
> 47 48. Statements 40-48 were my
> attempt to say, "Pass in ANY packet from these trusted hosts,
> regardless of the flag being set."
> ...
> @46 pass in quick proto tcp from 123.456.70.0/26 to any flags
> FSRPAU/FSRPAU keep state keep frags
> @47 pass in quick proto tcp from 123.456.70.64/27 to any flags
> FSRPAU/FSRPAU keep state keep frags
> @48 pass in quick proto tcp from 123.456.70.96/28 to any flags
> FSRPAU/FSRPAU keep state keep frags

What you have said is match only packets with all of the flags FIN, SYN, RST, PSH, ACK and URG set. Or in other words, those rules will never match a packet :)

To match all packets, regardless of flags, do not specify the "flags X/Y" in the rule.

Darren
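The "flags X/Y" comparison discussed in this thread, as an added example that is not part of the original posts and is not IPFilter's own code: it models the match as "mask the packet's TCP flags with Y, then require the result to equal X" and runs it over a constructed list of flag combinations from an ordinary TCP connection. The function names, the sample list and the `S/SA` comparison rule are assumptions made for the illustration.

```python
# Added illustration of "flags X/Y" matching; a model, not IPFilter source.
# Letter-to-bit mapping follows the TCP header flag bits.
TCP_FLAG_BITS = {"F": 0x01, "S": 0x02, "R": 0x04, "P": 0x08, "A": 0x10, "U": 0x20}


def parse_flag_letters(letters):
    """Turn a string such as 'SA' into its TCP flag bitmask."""
    value = 0
    for ch in letters.upper():
        if ch not in TCP_FLAG_BITS:
            raise ValueError(f"unknown TCP flag letter: {ch!r}")
        value |= TCP_FLAG_BITS[ch]
    return value


def parse_flags_spec(spec):
    """Parse 'X/Y' into (wanted, mask). Only the X/Y form is handled here."""
    wanted_s, sep, mask_s = spec.partition("/")
    if not sep:
        raise ValueError("expected the X/Y form, e.g. 'S/SA'")
    return parse_flag_letters(wanted_s), parse_flag_letters(mask_s)


def rule_matches(spec, packet_flags):
    """spec=None models a rule with no flags clause: any flag combination passes."""
    if spec is None:
        return True
    wanted, mask = parse_flags_spec(spec)
    return (parse_flag_letters(packet_flags) & mask) == wanted


# Constructed sample: flag combinations seen during a normal TCP connection
# (SYN, SYN-ACK, ACK, PSH-ACK, FIN-ACK, RST, RST-ACK).
ORDINARY_SEGMENTS = ["S", "SA", "A", "PA", "FA", "R", "RA"]


def matching_segments(spec, segments=ORDINARY_SEGMENTS):
    """Return the sample segments that a rule with this flags clause would match."""
    return [s for s in segments if rule_matches(spec, s)]


if __name__ == "__main__":
    for spec in ("FSRPAU/FSRPAU", "S/SA", None):
        label = spec if spec is not None else "(no flags clause)"
        print(f"{label:18} -> {matching_segments(spec)}")
```

Run against the sample, the `FSRPAU/FSRPAU` clause from rules 46-48 matches none of the ordinary segments, while the same rule with the flags clause removed matches all of them.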