Why are these rules not matching?

Olmsted, Brian Sun, 20 Mar 2005 16:50:59 -0800


Why are these rules not matching on either server that I have them
configured on?


I'm trying to do a pass out rule to two different hosts on UDP ports
1200 and 1201

Is it something very simple or something that I'm not putting into the
rule?  Is there a way I can test this?


Thanks.



SERVER #1
=========
pass out   log first   quick on bge0     proto udp        from
XXX.YYY.122.126/32   port > 1023           to AAA.BBB.101.68/32   port
1999 >< 1202                     keep state              group 202
pass out   log first   quick on bge0     proto udp        from
XXX.YYY.122.126/32   port > 1023           to AAA.BBB.101.100/32  port
1999 >< 1202                     keep state              group 202

block out  log first    quick on bge0                     all
group 202



SERVER #2
=========
pass out   log first   quick on bge0     proto udp        from
XXX.YYY.121.126/32   port > 1023           to AAA.BBB.101.68/32   port
  1999 >< 1202                     keep state              group 202
pass out   log first   quick on bge0     proto udp        from
XXX.YYY.121.126/32   port > 1023           to AAA.BBB.101.100/32  port
  1999 >< 1202                     keep state              group 202
block out  log first    quick on bge0                     all
                                                           group 202



========================================================================
====
Mar 21 00:08:06 bw-sc1 ipmon[146]: [ID 702911 local0.warning]
00:08:05.186155 bge0 @202:374 b XXX.YYY.122.126,43202 ->
AAA.BBB.101.68,1200 PR udp len 20 93 OUT
Mar 21 00:08:07 bw-sc1 ipmon[146]: [ID 702911 local0.warning]
00:08:06.195889 bge0 @202:374 b XXX.YYY.122.126,43203 ->
AAA.BBB.101.100,1200 PR udp len 20 93 OUT
========================================================================
====
Mar 21 00:10:03 bw-sc2 ipmon[146]: [ID 702911 local0.warning]
00:10:03.675724 bge0 @202:374 b XXX.YYY.121.126,49533 ->
AAA.BBB.101.100,1201 PR udp len 20 93 OUT
Mar 21 00:10:04 bw-sc2 ipmon[146]: [ID 702911 local0.warning]
00:10:04.685529 bge0 @202:374 b XXX.YYY.121.126,49534 ->
AAA.BBB.101.68,1200 PR udp len 20 93 OUT
Mar 21 00:10:06 bw-sc2 ipmon[146]: [ID 702911 local0.warning]
00:10:05.695490 bge0 @202:374 b XXX.YYY.121.126,49535 ->
AAA.BBB.101.100,1200 PR udp len 20 93 OUT
========================================================================
====




------------------------------------------------------------------------
Brian Olmsted, B.Sc
Sr. Technical Specialist             Office: 416-644-7406
IP Edge Technology                   Fax:    416-640-9303
MTS Allstream Inc.                   Mobile: 647-321-5556
438 University Avenue, 412D          Pager:  [EMAIL PROTECTED]
Toronto, ON  Canada  M5G 2K8         Email:  [EMAIL PROTECTED]
------------------------------------------------------------------------

Why are these rules not matching?

Reply via email to