Adding the address line seems easy enough. Richard, thanks for your
help.

Does anyone know what the parameter JRN does on the FILTER SET line?
For example, if JRN = YES, does it journal all the permited and denied
addresses or just the denied addresses? Also, what is the name of the
journal?

Diana Hicks
Town of Jupiter

-----Original Message----
date: Tue, 10 Jul 2007 16:44:27 -0400
from: "Richard Casey" <casey_r@xxxxxxxxxxxxxxxx>
subject: RE: Denying TCP connections based on IP

Diana,

You can't include something like 162.56.*.* in your FILTER line, but you
can achieve the same result by using the ADDRESS keyword.

ADDRESS net16256 IP = 162.56.0.0 THROUGH 162.56.255.255
FILTER SET TestFilter ACTION = PERMIT DIRECTION =- INBOUND SRCADDR =
net16256 DSTADDR = * PROTOCOL = * DSTPORT = * SRCPORT = *


The "net16256" in the FILTER line points to the IP address range
specified in the ADDRESS line.

Also, I second Larry's recommendation of the rescue command (RMVTCPTBL)
and a non TCP/IP terminal to be able to run it on. Packet filters are
quite effective at locking everybody out! Been there, done that!

Hope this helps!
Richard Casey



PLEASE NOTE: Florida has a very broad public records law. Most written
communications to or from the Town of Jupiter officials and employees regarding
public business are public records available to the public and media upon
request. Your e-mail communications may be subject to public disclosure. Under
Florida law, e-mail addresses are public records. If you do not want your
e-mail address released in response to a public records request, do not send
electronic mail to this entity. Instead, contact this office by phone or in
writing. The views expressed in this message may not necessarily reflect those
of the Town of Jupiter. If you have received this message in error, please
notify us immediately by replying to this message, and please delete it from
your computer. Thank you.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.