David A. Ranch wrote:
> Well, I'm worried about the big ones.  For example:
[snip]
> # Xwindows - Deny
> /sbin/ipfwadm -O -a reject -W $extif -P tcp -S $extip/32 -D
> $universe/0 6000 -o
> /sbin/ipfwadm -O -a reject -W $extif -P udp -S $extip/32 -D
> $universe/0 6000 -o

Shouldn't that be port range 6000:6007 for Xwindows?

I missed the beginning of the conversation but it appears you're looking at
securing high ports, I assume you've already filtered out packets
originating outside your firewall in the input rules. (-k ? - it's been
awhile since I used ipfwadm instead of ipchains)

Lourdes

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]

Reply via email to