Hi again,

Another question about my newly inherited PIX. The following rules confuse me a bit:

access-list acl_out permit udp 195.215.xxx.xxx 255.255.255.240 any eq domain
access-list acl_out permit udp 195.215.xxx.xxx 255.255.255.240 eq domain any gt 1023

The first one is obvious - any machine on my subnet may do UDP DNS lookups. But I can't see any reason for the second one. Why would a machine start a connection from port 53 to a port above 1023?

The same rule is in the outbound access-list:

access-list acl_in permit udp any 195.215.xxx.xxx 255.255.255.240 eq domain
access-list acl_in permit udp any eq domain 195.215.xxx.xxx 255.255.255.240 gt 1023

Can I just delete the two with destination ports above 1023?

Thanks
/Rasmus

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
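As an added example (not part of the original post, and not Cisco code), the script below parses the four PIX access-list entries quoted above in the classic `access-list <name> permit|deny <proto> <src> [op port] <dst> [op port]` form and flags permits whose match depends on the peer's source port while leaving the destination port open-ended (`gt 1023` or no port at all). This is the property a firewall reviewer would want to see spelled out for the second `acl_in` entry: the remote side picks its own source port, so a rule keyed on `eq domain` as the source admits any UDP datagram to ports above 1023 on the 195.215.xxx.xxx/28 subnet from a sender that uses source port 53. The sample input is the poster's own lines with the masked octets kept as written; the parser and the helper names are this example's assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample input: the four ACL lines quoted in the post, octets left masked.
PIX_ACL = """
access-list acl_out permit udp 195.215.xxx.xxx 255.255.255.240 any eq domain
access-list acl_out permit udp 195.215.xxx.xxx 255.255.255.240 eq domain any gt 1023
access-list acl_in permit udp any 195.215.xxx.xxx 255.255.255.240 eq domain
access-list acl_in permit udp any eq domain 195.215.xxx.xxx 255.255.255.240 gt 1023
"""

# PIX port operators and how many port arguments each one takes.
PORT_OPS = {"eq": 1, "gt": 1, "lt": 1, "neq": 1, "range": 2}


@dataclass
class Ace:
    """One access-control entry, with the optional port clauses kept as text."""
    acl: str
    action: str
    proto: str
    src: str
    src_port: Optional[str]
    dst: str
    dst_port: Optional[str]


def _take_addr(tokens: List[str], i: int):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D MASK' at tokens[i]."""
    if i >= len(tokens):
        raise ValueError("address expected, got end of line")
    tok = tokens[i]
    if tok == "any":
        return "any", i + 1
    if i + 1 >= len(tokens):
        raise ValueError(f"incomplete address spec after {tok!r}")
    if tok == "host":
        return f"host {tokens[i + 1]}", i + 2
    return f"{tok} {tokens[i + 1]}", i + 2


def _take_port(tokens: List[str], i: int):
    """Consume an optional 'eq/gt/lt/neq PORT' or 'range LO HI' clause at tokens[i]."""
    if i < len(tokens) and tokens[i] in PORT_OPS:
        n = PORT_OPS[tokens[i]]
        if i + n >= len(tokens):
            raise ValueError(f"operator {tokens[i]!r} is missing its port argument")
        return " ".join(tokens[i:i + 1 + n]), i + 1 + n
    return None, i


def parse_ace(line: str) -> Ace:
    """Parse one classic PIX access-list line into an Ace."""
    tokens = line.split()
    if len(tokens) < 5 or tokens[0] != "access-list":
        raise ValueError(f"not an access-list entry: {line!r}")
    acl, action, proto = tokens[1], tokens[2], tokens[3]
    i = 4
    src, i = _take_addr(tokens, i)
    src_port, i = _take_port(tokens, i)
    dst, i = _take_addr(tokens, i)
    dst_port, i = _take_port(tokens, i)
    if i != len(tokens):
        raise ValueError(f"unexpected trailing tokens {tokens[i:]} in {line!r}")
    return Ace(acl, action, proto, src, src_port, dst, dst_port)


def parse_acl(text: str) -> List[Ace]:
    """Parse every non-blank line of an access-list dump."""
    return [parse_ace(line) for line in text.splitlines() if line.strip()]


def source_port_only_permits(aces: List[Ace]) -> List[Ace]:
    """Permits that key on a source port but do not pin the destination to one port.

    The sender controls its source port, so the effective exposure is the whole
    destination range (e.g. 'gt 1023'), not the named service.
    """
    flagged = []
    for ace in aces:
        if ace.action != "permit" or ace.src_port is None:
            continue
        if ace.dst_port is None or not ace.dst_port.startswith("eq "):
            flagged.append(ace)
    return flagged


def describe(ace: Ace) -> str:
    """Plain-language reading of an entry, for a review report."""
    sp = f" from source port {ace.src_port}" if ace.src_port else ""
    dp = f" to destination port {ace.dst_port}" if ace.dst_port else " to any destination port"
    return f"{ace.acl}: {ace.action} {ace.proto} {ace.src}{sp} -> {ace.dst}{dp}"


if __name__ == "__main__":
    entries = parse_acl(PIX_ACL)
    for ace in source_port_only_permits(entries):
        print("source-port-keyed permit with open destination range:", describe(ace))
```

Run against the quoted configuration, the report names the two `gt 1023` entries and leaves the two `eq domain`-destination entries alone, which is exactly the split the poster is asking about. Whether the flagged entries are still needed depends on how the PIX handles UDP return traffic; the script only makes visible what each line permits on its own.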
