How do I test for NO tcp flags being set, in ipfilter?
See subject. :) -ste ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do I test for NO tcp flags being set, in ipfilter?
See subject. :) A note: That is impolite and unhelpful. You should put your information including the auestion in the body of the message. Without that, the question does not show up in the edit file for a response unless the person responding qoes way out of their way to grab it. Since you are asking volunteers for free help, I would think you woul d want to make it as easy for them as possible for them to respond. Geez, now I have forgotten what the question was. Oh well. jerry -ste ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do I test for NO tcp flags being set, in ipfilter?
Jerry McAllister wrote: See subject. :) A note: That is impolite and unhelpful. You should put your information including the auestion in the body of the message. My sincere apologys. I was trying to be helpful by not repeating myself, and wasting bandwidth when my entire question was framed in the subject. I won't do it again though, if it's considered impolite. -ste ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How do I test for NO tcp flags being set, in ipfilter? (repost)
How do I test for NO tcp flags being set, in ipfilter? -ste ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do I test for NO tcp flags being set, in ipfilter? (repost)
On Tuesday 02 March 2004 18:27, Shaun T. Erickson wrote: How do I test for NO tcp flags being set, in ipfilter? You can filter on TCP flags but seems to me what you really mean is how to check for no TCP options (nop) rather than no flags: 'with opt nop' is a syntax that should work. WRT flags, it's my understanding that every TCP packet has at least the A or S flag set. HTH, Dan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do I test for NO tcp flags being set, in ipfilter? (repost)
Danny Pansters wrote: On Tuesday 02 March 2004 18:27, Shaun T. Erickson wrote: How do I test for NO tcp flags being set, in ipfilter? You can filter on TCP flags but seems to me what you really mean is how to check for no TCP options (nop) rather than no flags: 'with opt nop' is a syntax that should work. WRT flags, it's my understanding that every TCP packet has at least the A or S flag set. Actually, I do mean no flags set. Nmap's null scan uses packets with all tcp flags turned off. On linux, with iptables, I would say -tcp-flags ALL NONE to test for this (the bits to test and the mask are in reverse order to how we specify them in ipfilter). The closest ipfilter statement would be flags /FSRPAU, specifying no flags to be set, out of all flags. I don't believe this is legal syntax though. -ste ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]