Gavin,
> Our backup server IP address is 1.1.1.1
> I want to exclude the data going to/from it
> this below config does not appear to
> could someone tell me what I'm missing?
You don't say exactly what is not working. The filter is syntactically
valid and matches traffic as I would expect within my network. I suspect
your problem is that you are confusing which IP addresses will be source
and destination addresses for each flow you are interested in. Note that
1.1.1.1 will never be in the customer IP address range so you don't need
to explicitly remove it.
Try this:
filter-primitive not_backup_box
type ip-address
deny 1.1.1.1
default permit
filter-primitive customer_lan
type ip-address-prefix
permit 192.168.137.88/30
permit 192.168.138.48/29
default deny
filter-definition from_customer_lan_to_not_backup_box
match ip-source-address customer_lan
match ip-destination-address not_backup_box
filter-definition from_not_backup_box_to_customer_lan
match ip-source-address not_backup_box
match ip-destination-address customer_lan
filter-definition between_customer_lan_and_not_backup_box
match ip-source-address customer_lan
match ip-destination-address not_backup_box
or
match ip-source-address not_backup_box
match ip-destination-address customer_lan
**********************************************************************
Registered Office:
Marks and Spencer plc
Waterside House
35 North Wharf Road
London
W2 1NW
Registered No. 214436 in England and Wales.
Telephone (020) 7935 4422
Facsimile (020) 7487 2670
<<www.marksandspencer.com>>
Please note that electronic mail may be monitored.
This e-mail is confidential. If you received it by mistake, please let us know
and then delete it from your system; you should not copy, disclose, or
distribute its contents to anyone nor act in reliance on this e-mail, as this
is prohibited and may be unlawful.
2005
_______________________________________________
Flow-tools mailing list
[EMAIL PROTECTED]
http://mailman.splintered.net/mailman/listinfo/flow-tools
