Great Circle Associates Firewalls
(September 1995)
 


Subject: Re: packet filtering, no route to host.
From: sameer <sameer @ c2 . org>
Date: Fri, 29 Sep 1995 01:46:33 -0700 (PDT)
To: cssmith @ mindspring . com (Christopher Smith)
Cc: firewalls @ GreatCircle . COM
In-reply-to: <199509290523 . BAA24667 @ dylan . mindspring . com> from "Christopher Smith" at Sep 29, 95 00:23:19 am
Pgp-strong-print: 3C AE E4 00 C2 6A 81 FF 49 4E EE 0C CD CD 1D 80

	The source port from a host you are running the telnet client
from is a random non-privileged port, not 23.

> 
> Quick question as the night is late and this has to be ready to go asap:
> 
> On a Livingston one explicitly permits, everything else is denied.  If I
> set the filter to read like this
> filter s1.in 6 permit src_addr/bits dst_addr/bits tcp src eq 23 dst eq 23 
> it means that from the source address to the destination address filter
> inbound on tcp against packets coming from port 23 to 23.  With this ruleset
> in place, if I telnet from the src (explicitly declared) to the destination
> (also explicitly declared) the response is no route to host.   If I strike
> "dst eq 23" and leave "tcp src eq 23" I get no route to host.  If I leave
> dst...then I can telnet through.  Why is that?
> 


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer @ c2 . org
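
The point of the reply above, as an added example that is not part of the original message: a simplified Python model of a permit-only filter (not Livingston's rule parser or syntax) run against constructed telnet packets in both directions. It assumes the addresses already match and that the client picks its source port from 1024-65535; all names are hypothetical.

```python
import random
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class PermitRule:
    # None means the rule puts no condition on that port.
    # Address matching is assumed to succeed and is not modelled.
    src_eq: Optional[int] = None
    dst_eq: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        return ((self.src_eq is None or pkt.src_port == self.src_eq) and
                (self.dst_eq is None or pkt.dst_port == self.dst_eq))

def filter_permits(rules, pkt: Packet) -> bool:
    """Explicit permits only: a packet matching no rule is denied."""
    return any(rule.matches(pkt) for rule in rules)

# The three rule variants tried in the quoted question (port clauses only).
RULESETS = {
    "src eq 23 dst eq 23": [PermitRule(src_eq=23, dst_eq=23)],
    "src eq 23": [PermitRule(src_eq=23)],
    "dst eq 23": [PermitRule(dst_eq=23)],
}

def evaluate(seed: int = 1995, trials: int = 1000) -> dict:
    """Count permitted packets per ruleset for each direction of a telnet session."""
    rng = random.Random(seed)
    # Constructed sample data: one ephemeral client port per simulated session.
    client_ports = [rng.randint(1024, 65535) for _ in range(trials)]
    to_server = [Packet(src_port=p, dst_port=23) for p in client_ports]
    to_client = [Packet(src_port=23, dst_port=p) for p in client_ports]
    return {
        name: {
            "client_to_server": sum(filter_permits(rules, p) for p in to_server),
            "server_to_client": sum(filter_permits(rules, p) for p in to_client),
        }
        for name, rules in RULESETS.items()
    }

if __name__ == "__main__":
    for name, counts in evaluate().items():
        print(f"{name:22} {counts}")
```

Only "dst eq 23" permits the client's packets, and "src eq 23" matches only the server's replies, so the two clauses belong to opposite directions of the same session and never match together.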
