Firewalls: Re: Filtering TCP establishe

Firewalls
(March 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Filtering TCP establishe
From:	Darren Reed <avalon @ coombs . anu . edu . au>
Date:	Fri, 24 Mar 1995 00:07:37 +1000 (EST)
To:	harrison @ wellfleet . com . au (Peter Harrison)
Cc:	firewalls @ greatcircle . com
In-reply-to:	<199503231259 . WAA13130 @ nico . aarnet . edu . au> from "Peter Harrison" at Mar 23, 95 10:57:51 pm

In some email I received from Peter Harrison, they wrote:
> 
>         Reply to:   RE>Filtering TCP established c
> > Someone mentioned that this is done by filtering on the SYN-ACK
> > reply packet (and only this packet).
> 
> I think the meaning of the comment was that (all) packets be filtered on the
> ACK bit, which, I believe, is what cisco is doing when they use the
> 'established' keyword. Please correct me if I'm wrong.....

But this would disallow connections in both directions, which is seldom
what is desired here (?).

darren

References:

Re: Filtering TCP establishe
From: "Peter Harrison" <harrison @ wellfleet . com . au>

Indexed By Date	Previous:	The big "S" From: padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)
Indexed By Date	Next:	Re: Software... From: cjc @ summit . novell . com
Indexed By Thread	Previous:	Re: Filtering TCP establishe From: "Peter Harrison" <harrison @ wellfleet . com . au>
Indexed By Thread	Next:	The big "S" From: padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)