>|------------------------- Message log follows: -------------------------|
> Xfail: <<perra @
telia .
se>> reason: (ERR_133) transport local: failed to
open output file: No such file or directory
>|------------------------- Failed addresses follow: ---------------------|
> <perra @
telia .
se> ... transport local: failed to open output file: No such
file or directory
>|------------------------- Message text follows: ------------------------|
>Received: from sunic.sunet.se by palantir.p.tvt.se with smtp
> (Smail3.1.28.1 #2) id m0qipt5-000aFka; Thu, 8 Sep 94 22:16 WET DST
>Received: from relay2.UU.NET by sunic.sunet.se (8.6.8/2.03)
> id TAA10656; Thu, 8 Sep 1994 19:59:03 +0200
>Received: from mycroft.GreatCircle.COM by relay2.UU.NET with SMTP
> id QQxgmp02702; Thu, 8 Sep 1994 13:56:20 -0400
>Received: from localhost by mycroft.GreatCircle.COM
(8.6.5/SMI-4.1/Brent-940829)
> id RAA07843; Thu, 8 Sep 1994 17:17:35 GMT
>Received: from seraph.uunet.ca by mycroft.GreatCircle.COM
(8.6.5/SMI-4.1/Brent-940829)
> id KAA07835; Thu, 8 Sep 1994 10:17:25 -0700
>Received: from fujitsu.ca ([142.77.30.2]) by mail.uunet.ca with SMTP id
<95314-2>; Thu, 8 Sep 1994 13:22:48 -0400
>Received: by fujitsu.ca (4.1/SMI-4.1)
> id AA20194; Thu, 8 Sep 94 13:23:40 EDT
>Received: from falcon.fsbc.ca(192.10.1.205) by jay via smap (V1.3mjr)
> id sma020187; Thu Sep 8 13:23:38 1994
>Received: by falcon.fujitsu.ca (4.1/SMI-4.1)
> id AA17449; Thu, 8 Sep 94 13:22:57 EDT
>Date: Thu, 8 Sep 1994 13:22:57 -0400
>From: smartin @
fujitsu .
ca (Steve Martin)
>Message-Id: <9409081722 .
AA17449 @
falcon .
fujitsu .
ca>
>To: firewalls @
GreatCircle .
COM
>Subject: Filtering all IP Packets that contain options
>Sender: Firewalls-Owner @
GreatCircle .
COM
>Precedence: bulk
>
>Hi,
>
> I'm trying to set up some filters on my gateway. Unfortunately the software
>that I'm using is somewhat limited and requires that you match patterns in the
>packets. In order to do this I have to make sure that the fields in the TCP
>header are always in the same place. To do this the size of the IP header
must be
>fixed. I am therefore thinking of tossing all incoming IP packets that do not
>have an IP header length of 5 words. This means that I will be tossing all
>packets that contain options. Is there a problem with this? From what I've
read,
>you want to get rid of any packets that contain source routing options anyway,
>are any other options common and desirable?
>---------------------------------------------------------------------------
-----
>Stephen Martin oO Fujitsu Systems Business of Canada, Inc.
>smartin @
fujitsu .
ca Fujitsu Box 30
>Phone: (416)512-0342 x3137 5140 Yonge St., Suite 2000
>Fax: (416)512-0344 North York, Ontario, Canada. M2N 6L7
>---------------------------------------------------------------------------
-----
>
>
------------------------------------
! !
! Ingemar Lundqvist !
! Telia Data AB !
! Sweden !
------------------------------------
e-mail: ingemar @
han .
data .
telia .
se
phone: 08 - 707 24 13
minicall: 0746 - 49 20 14
|
|
