One of the ports, either the src or destination, will always be in the
7000-7009 range I believe.
The issue is - are you wanting to have access to servers inside or outside
your firewall, and by people inside or outside of your firewall. Depending
on what you want to allow, the filtering can be quite simple.
-- Nathan
> -----Original Message-----
> From: Mike W Ellwood [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, November 15, 2000 11:00 AM
> To: info-afs
> Subject: AFS and protocol filters?
>
>
> I apologise as I feel this must be a FAQ, but cannot find any
> complete answers in any of the places I've looked:
>
>
>
> Our site is protocol-filtering in the routers, as a means of
> selective "firewalling".
>
> Is there a way of permitting all legitimate AFS traffic in both
> directions, while filtering out non-AFS UDP?
>
>
> I did find the article on www.transarc.com which describes
> which ports AFS
> uses, but it did not fill me with hope; after giving a list
> of ports in
> the 7000 area, it then went on to indicate that AFS
> utilities, including
> klog, use ports on a "next free port" basis, i.e. not very
> predictably,
> and with no reference to /etc/services.
>
> Thanks,
>
> Mike Ellwood
> [EMAIL PROTECTED]
>
