I want to prevent users from sending mail off other relays (logging it all
the while), log all icmp and telnet traffic, and stop any NetBIOS traffic:
add filter basic.in
set filter basic.in 1 permit 216.98.0.0/20 216.98.0.54/0 tcp dst eq 25
set filter basic.in 2 permit 216.98.0.0/20 216.98.0.50/0 tcp dst eq 25
set filter basic.in 3 deny 216.98.0.0/20 0.0.0.0/0 tcp dst eq 25 log
set filter basic.in 4 permit 216.98.9.0/24 0.0.0.0/0 tcp
set filter basic.in 5 deny 216.98.0.0/20 0.0.0.0/0 tcp dst eq 137 log
set filter basic.in 6 deny 216.98.0.0/20 0.0.0.0/0 tcp dst eq 138 log
set filter basic.in 7 deny 216.98.0.0/20 0.0.0.0/0 tcp dst eq 139 log
set filter basic.in 8 deny 216.98.0.0/20 0.0.0.0/0 udp dst eq 137 log
set filter basic.in 9 deny 216.98.0.0/20 0.0.0.0/0 udp dst eq 138 log
set filter basic.in 10 deny 216.98.0.0/20 0.0.0.0/0 udp dst eq 139 log
set filter basic.in 11 permit 216.98.0.0/20 0.0.0.0/0 tcp dst eq 23 log
set filter basic.in 12 permit 216.98.9.0/24 0.0.0.0/0 icmp log
set filter basic.in 13 permit 216.98.9.0/24 0.0.0.0/0 udp
set filter basic.in 14 deny 0.0.0.0/0 0.0.0.0/0
and I want to prevent them from running web, ftp, or mail servers off of
their dialup accounts, logging it.
add filter basic.out
set filter basic.out 1 permit 0.0.0.0/0 216.98.0.0/20 tcp dst gt 100
set filter basic.out 2 permit 0.0.0.0/0 216.98.0.0/20 udp
set filter basic.out 3 permit 0.0.0.0/0 216.98.0.0/20 icmp
set filter basic.out 4 deny 0.0.0.0/0 216.98.0.0/20 tcp dst lt 100 log
Do I have this backwards?
-doug
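
An added example, not part of the original post: a first-match evaluator run over the posted basic.in rules, to show which rule a given packet hits. It assumes rules are checked in numeric order with the first match deciding, and that /N is a standard prefix length; `parse`, `evaluate` and the sample packets are constructed for illustration.

```python
import ipaddress
# basic.in exactly as posted in the message above.
BASIC_IN = """\
set filter basic.in 1 permit 216.98.0.0/20 216.98.0.54/0 tcp dst eq 25
set filter basic.in 2 permit 216.98.0.0/20 216.98.0.50/0 tcp dst eq 25
set filter basic.in 3 deny 216.98.0.0/20 0.0.0.0/0 tcp dst eq 25 log
set filter basic.in 4 permit 216.98.9.0/24 0.0.0.0/0 tcp
set filter basic.in 5 deny 216.98.0.0/20 0.0.0.0/0 tcp dst eq 137 log
set filter basic.in 6 deny 216.98.0.0/20 0.0.0.0/0 tcp dst eq 138 log
set filter basic.in 7 deny 216.98.0.0/20 0.0.0.0/0 tcp dst eq 139 log
set filter basic.in 8 deny 216.98.0.0/20 0.0.0.0/0 udp dst eq 137 log
set filter basic.in 9 deny 216.98.0.0/20 0.0.0.0/0 udp dst eq 138 log
set filter basic.in 10 deny 216.98.0.0/20 0.0.0.0/0 udp dst eq 139 log
set filter basic.in 11 permit 216.98.0.0/20 0.0.0.0/0 tcp dst eq 23 log
set filter basic.in 12 permit 216.98.9.0/24 0.0.0.0/0 icmp log
set filter basic.in 13 permit 216.98.9.0/24 0.0.0.0/0 udp
set filter basic.in 14 deny 0.0.0.0/0 0.0.0.0/0
"""
OPS = {"eq": lambda a, b: a == b, "gt": lambda a, b: a > b, "lt": lambda a, b: a < b}

def parse(text):
    """Parse 'set filter' lines into dicts (hypothetical helper)."""
    rules = []
    for line in text.splitlines():
        f = line.split()
        logged = f[-1] == "log"
        rest = f[7:-1] if logged else f[7:]   # [proto [dst OP PORT]]
        rules.append({
            "num": int(f[3]), "action": f[4], "log": logged,
            # Assumption: /N is a CIDR prefix length, so x.x.x.x/0 matches anything.
            "src": ipaddress.ip_network(f[5], strict=False),
            "dst": ipaddress.ip_network(f[6], strict=False),
            "proto": rest[0] if rest else None,
            "port": (rest[2], int(rest[3])) if len(rest) == 4 else None,
        })
    return rules

def evaluate(rules, src, dst, proto, dport=None):
    """Return (rule number, action, logged) for the first rule that matches."""
    for r in rules:
        if ipaddress.ip_address(src) not in r["src"] or ipaddress.ip_address(dst) not in r["dst"]:
            continue
        if r["proto"] not in (None, proto):
            continue
        if r["port"] and (dport is None or not OPS[r["port"][0]](dport, r["port"][1])):
            continue
        return r["num"], r["action"], r["log"]
    return None, "deny", False  # assumption: nothing matched means drop
RULES = parse(BASIC_IN)
```

Under these assumptions, `evaluate(RULES, "216.98.5.10", "192.0.2.10", "tcp", 25)` returns rule 1 (permit, not logged), and TCP from 216.98.9.0/24 to port 23 or 139 returns rule 4 before the logging rules 7 and 11 are reached.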