The filter worked great for our PPP and Slip users.
The problem was, it also blocked access for all our direct
dial-in users using software such as terminal, xtalk, etc.
Here is the broken filter we installed. Can someone make the
correction to it that would allow our direct dial-in users to
also successfully connect?
Thanks in advance...
====================================================================
SYN FLOOD Attack Prevention Filter
Assume portmaster is assigning 128.0.0.1 - 128.0.0.30
add filter nosyn.in
set filter nosyn.in 1 permit 128.0.0.1/27 0.0.0.0/0
set filter nosyn.in 2 deny 0.0.0.0/0 0.0.0.0/0 log
save filter
show filter nosyn.in
'show filter nosyn.in' output:
1 permit 128.0.0.1/27 0.0.0.0/0 ip
2 deny 0.0.0.0/0 0.0.0.0/0 ip log
========================================================================
Regards,
Bill Martin
Hula Net, Inc.
cyber@hula.net