Never mind... I feel so stupid! Wrong port range. Should be 1199 >< 1202 and not 1999 >< 1202. Doh!
Perhaps, ipfilter could be changed to warn about such cases (first number is greater than the second)???

Anyway.

-----Original Message-----
From: Olmsted, Brian
Sent: March 20, 2005 7:25 PM
To: [email protected]
Cc: Olmsted, Brian
Subject: Why are these rules not matching?

Why are these rules not matching on either server that I have them configured on?

I'm trying to do a pass out rule to two different hosts on UDP ports 1200 and 1201.

Is it something very simple or something that I'm not putting into the rule?

Is there a way I can test this?

Thanks.

SERVER #1
=========
pass out log first quick on bge0 proto udp from XXX.YYY.122.126/32 port > 1023 to AAA.BBB.101.68/32 port 1999 >< 1202 keep state group 202
pass out log first quick on bge0 proto udp from XXX.YYY.122.126/32 port > 1023 to AAA.BBB.101.100/32 port 1999 >< 1202 keep state group 202
block out log first quick on bge0 all group 202

SERVER #2
=========
pass out log first quick on bge0 proto udp from XXX.YYY.121.126/32 port > 1023 to AAA.BBB.101.68/32 port 1999 >< 1202 keep state group 202
pass out log first quick on bge0 proto udp from XXX.YYY.121.126/32 port > 1023 to AAA.BBB.101.100/32 port 1999 >< 1202 keep state group 202
block out log first quick on bge0 all group 202

============================================================================
Mar 21 00:08:06 bw-sc1 ipmon[146]: [ID 702911 local0.warning] 00:08:05.186155 bge0 @202:374 b XXX.YYY.122.126,43202 -> AAA.BBB.101.68,1200 PR udp len 20 93 OUT
Mar 21 00:08:07 bw-sc1 ipmon[146]: [ID 702911 local0.warning] 00:08:06.195889 bge0 @202:374 b XXX.YYY.122.126,43203 -> AAA.BBB.101.100,1200 PR udp len 20 93 OUT
============================================================================
Mar 21 00:10:03 bw-sc2 ipmon[146]: [ID 702911 local0.warning] 00:10:03.675724 bge0 @202:374 b XXX.YYY.121.126,49533 -> AAA.BBB.101.100,1201 PR udp len 20 93 OUT
Mar 21 00:10:04 bw-sc2 ipmon[146]: [ID 702911 local0.warning] 00:10:04.685529 bge0 @202:374 b XXX.YYY.121.126,49534 -> AAA.BBB.101.68,1200 PR udp len 20 93 OUT
Mar 21 00:10:06 bw-sc2 ipmon[146]: [ID 702911 local0.warning] 00:10:05.695490 bge0 @202:374 b XXX.YYY.121.126,49535 -> AAA.BBB.101.100,1200 PR udp len 20 93 OUT
============================================================================

------------------------------------------------------------------------
Brian Olmsted, B.Sc
Sr. Technical Specialist        Office: 416-644-7406
IP Edge Technology              Fax:    416-640-9303
MTS Allstream Inc.              Mobile: 647-321-5556
438 University Avenue, 412D     Pager:  [EMAIL PROTECTED]
Toronto, ON Canada M5G 2K8      Email:  [EMAIL PROTECTED]
------------------------------------------------------------------------
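
Added example, not part of the original thread and not ipfilter code: a small pre-load check of the kind the reply wishes for, flagging `><` and `<>` port ranges that can never be what the author meant. The names lint_rules and port_matches are hypothetical, and the sample rules are constructed from the ones posted above.

```python
import re

# ipf.conf range operators: "a >< b" is true when a < port < b (exclusive),
# "a <> b" is true when port < a or port > b.
RANGE_RE = re.compile(r"\bport\s+(\d+)\s*(><|<>)\s*(\d+)")

def port_matches(lo, op, hi, port):
    """Evaluate one range comparison against a concrete port number."""
    return lo < port < hi if op == "><" else (port < lo or port > hi)

def lint_rules(text):
    """Return (line_no, range_text, problem) for ranges that cannot be intended."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        rule = line.split("#", 1)[0]          # ignore trailing comments
        for m in RANGE_RE.finditer(rule):
            lo, op, hi = int(m.group(1)), m.group(2), int(m.group(3))
            if op == "><" and hi - lo < 2:
                problem = "matches no port"
            elif op == "<>" and lo > hi:
                problem = "matches every port"
            else:
                continue
            if lo > hi:
                problem += " (first number is greater than the second)"
            findings.append((line_no, m.group(0), problem))
    return findings

# Constructed sample: the first rule is the one from the thread, the second
# is the corrected range; addresses are the masked placeholders from the post.
SAMPLE = """\
pass out log first quick on bge0 proto udp from XXX.YYY.122.126/32 port > 1023 to AAA.BBB.101.68/32 port 1999 >< 1202 keep state group 202
pass out log first quick on bge0 proto udp from XXX.YYY.122.126/32 port > 1023 to AAA.BBB.101.68/32 port 1199 >< 1202 keep state group 202
block out log first quick on bge0 all group 202
"""

if __name__ == "__main__":
    for line_no, rng, problem in lint_rules(SAMPLE):
        print(f"line {line_no}: '{rng}' {problem}")
    for dport in (1200, 1201):                # ports seen blocked in the ipmon log
        print(dport, port_matches(1999, "><", 1202, dport),
              port_matches(1199, "><", 1202, dport))
```

Run against a rules file before loading it, the check reports the 1999 >< 1202 range on line 1 and stays silent on the corrected 1199 >< 1202 rule.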
