Re: ANNOUNCE: pm2_3.1.3c2 fixes Telnet break problem

System Administrator (sysadmin@neonramp.com)
Sat, 09 Sep 1995 13:12:17 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Brian 'MegaZone' Bikowicz: "Re: serious telnet bug; is it just me?"
Previous message: Robert Sanders: "Re: ANNOUNCE: pm2_3.1.3c2 fixes Telnet break problem"
Maybe in reply to: Carl Rigney: "ANNOUNCE: pm2_3.1.3c2 fixes Telnet break problem"
Next in thread: Leo Savage: "Re: ANNOUNCE: pm2_3.1.3c2 fixes Telnet break problem"

At 12:34 PM 9/9/95 -0400, Leo Savage wrote:
>
>add filter notelnet.in
>set filter notelnet.in 1 permit svr_ip/32 pm_ip/32 tcp dst eq 23 estab
>set filter notelnet.in 2 permit svr_ip/32 pm_ip/32 tcp dst eq 23 log
>set filter notelnet.in 3 deny 0.0.0.0/0 pm_ip/32 tcp dst eq 23 log
>set filter notelnet.in 4 permit
>set ether0 ifilter notelnet.in
>save all
>

OK, I used the modified packet filters which effectively denies access to
only those hosts which I want to connect on my base network. Unfortunately
it does not block incoming from my second, third or fourth ip blocks. Why?

I used the above example modifying only to add the specific hosts which I
wanted to give access to (and not using the estab parameter since it seemed
to disable use of pmwho, and also not the log param on the permit since the
connection is logged anyways) How do I block dialin users on other IP blocks
from telnetting in without setting up a packet filter for dialin?

System Administrator
Nebraska On-Ramp, Inc.
Papillion, NE 68046
(402)339-NEON (6366)
================================
NEON- Your On-Ramp to the World!
================================

Next message: Brian 'MegaZone' Bikowicz: "Re: serious telnet bug; is it just me?"
Previous message: Robert Sanders: "Re: ANNOUNCE: pm2_3.1.3c2 fixes Telnet break problem"
Maybe in reply to: Carl Rigney: "ANNOUNCE: pm2_3.1.3c2 fixes Telnet break problem"
Next in thread: Leo Savage: "Re: ANNOUNCE: pm2_3.1.3c2 fixes Telnet break problem"