Re: Firewalls discussion (fwd)

MegaZone (megazone@livingston.com)
Mon, 16 Sep 1996 19:57:24 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: MegaZone: "PM3/Radius Question (fwd)"
Previous message: MegaZone: "PM Login Message (fwd)"

Once upon a time Kevin Littlejohn shaped the electrons to say...
>(In case that wasn't clear: I assign 203.61.173.10 to a client. What
>would it take to make sure that _all_ packets from their end of the line
>are stamped as from 203.61.173.10?)

You can't really, filters can't have IPs set dynamically. A decent
compromise is a filter that allows the 30 IPs in the pool and just those
30. Either as a subnet permit (if it is an even subnet) or a filter with
30 permit rules.

Not perfect, but a damn sight tighter than no filters.

-MZ

--
Livingston Enterprises - Chair, Department of Interstitial Affairs
Phone: 800-458-9966 510-426-0770 FAX: 510-426-8951 megazone@livingston.com
For support requests: support@livingston.com  <http://www.livingston.com/> 
Snail mail: 6920 Koll Center Parkway  #220, Pleasanton, CA 94566
See me in person: Internet Expo, Boston, MA, October 16-17, Booth 422 ;-)

Next message: MegaZone: "PM3/Radius Question (fwd)"
Previous message: MegaZone: "PM Login Message (fwd)"