filters RFE

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: MegaZone: "Accusations"
• Previous message: patrick@value.net: "Accusations"
• Next in thread: John G. Thompson: "Re: filters RFE"

I'm trying to debug some packet filters and I realized that the packet
tracing needs some extra info.

Despite the fact that the output filter has this:

25 permit 207.100.0.16/28 207.100.0.3/32 tcp src eq 23
26 deny 207.100.0.16/28 0.0.0.0/0 tcp src eq 23

The following packets still seem to be able to penetrate eth0.

TCP from 207.100.0.16.23 to 207.100.0.2.1809 seq 80, ack 0x8D918D34, win 2048, ACK
TCP from 207.100.0.16.23 to 207.100.0.2.1809 seq 80, ack 0x8D918D34, win 2048, PUSH ACK , 50 bytes
TCP from 207.100.0.16.23 to 207.100.0.2.1809 seq B2, ack 0x8D918D37, win 2048, ACK

--RFE--:

It would help to know what packet filters the packets had to pass through,
and which rules permitted their passage. i.e. Filter:eth.out[4]

I wish I had time to open a ticket.

• Next message: MegaZone: "Accusations"
• Previous message: patrick@value.net: "Accusations"
• Next in thread: John G. Thompson: "Re: filters RFE"