Hi Etienne,
Did you try the following rule:
block in quick on elxl0 proto tcp/udp from any port 1023 >< 65535 to any port 1023 >< 65535
I think the port range should be 1023 >< 65535, not 1023 >< 65536.
Thanks & Regards,
Himanshu
SNSL-i, Internet Security and Enterprise Computing.
[EMAIL PROTECTED]
Direct : +91 80 251-65759
Mobile : 9886492764
====================================================
We can do anything we want to if we stick to it long enough.
- Helen Keller
====================================================
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Etienne V. Depasquale
Sent: Wednesday, September 12, 2007 3:01 PM
To: IP Filter Mailing list
Subject: Truncation of port value to lower 16 bits' worth only
Good day,
I'm drawing up my rule set right now. One of the rules is a default deny
for all communications between source and destination ports that are
outside the well-known port range. To do this, I'm using the rule
block in quick on elxl0 proto tcp/udp from any port 1023 >< 65536 to any port 1023 >< 65536
When checking it out using ipfstat -I, I get:
block in quick on elxl0 proto tcp/udp from any port 1023 >< 0 to any port 1023 >< 0
I can understand that IP filter considers the port as a word data type
but what about the interpretation in practice?
Cheers,
Etienne
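
The truncation discussed in this thread, as an added example (not from either poster and not IP Filter source code). It assumes the port is stored in a 16-bit field without a range check, and that "><" matches ports greater than the first value and less than the second, as ipf(5) describes; all function names are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical: store a parsed port in 16 bits with no range check,
 * which is the truncation the listed rule suggests. */
static uint16_t port_truncating(const char *s)
{
    return (uint16_t)strtoul(s, NULL, 10);   /* "65536" becomes 0 */
}

/* Hypothetical: reject anything that does not fit in 16 bits. */
static int port_checked(const char *s, uint16_t *out)
{
    char *end;
    errno = 0;
    unsigned long v = strtoul(s, &end, 10);
    if (errno != 0 || end == s || *end != '\0' || v > 65535UL)
        return -1;
    *out = (uint16_t)v;
    return 0;
}

/* "lo >< hi": true when lo < port < hi (both bounds exclusive). */
static int in_range_exclusive(uint16_t port, uint16_t lo, uint16_t hi)
{
    return port > lo && port < hi;
}

/* Count how many of the 65536 possible ports "lo >< hi" matches. */
static unsigned count_matches(uint16_t lo, uint16_t hi)
{
    unsigned n = 0;
    for (unsigned p = 0; p <= 65535; p++)
        n += (unsigned)in_range_exclusive((uint16_t)p, lo, hi);
    return n;
}

int main(void)
{
    uint16_t hi = port_truncating("65536"), v;
    printf("65536 stored as %u\n", (unsigned)hi);
    printf("1023 >< %u matches %u ports\n", (unsigned)hi, count_matches(1023, hi));
    printf("1023 >< 65535 matches %u ports\n", count_matches(1023, 65535));
    printf("checked parse of 65536 returns %d\n", port_checked("65536", &v));
    return 0;
}
```

Under these assumptions the truncated rule matches no port at all, and 1023 >< 65535 covers 1024 through 65534, leaving 65535 itself unmatched.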