David Hough running ipfilt wrote:
> My daughter just got a Nintendo DS. I finally got it through ipfilter,
> by putting some big holes in. It looks to me like the Nintendo DS was
> coded by somebody who was rather vague about how TCP is supposed to work.
> I might be wrong about that, but I googled into several college websites
> that said the device was not and never would be supported through their
> firewalls.
>
> Anyway, my inclination is simply to put a wireless router outside my
> firewall and let her use that. But if somebody has gotten it working in a
> satisfactory way inside ipfilter, I'd appreciate some hints.
>
> Or if it's known to be a hazardous device outside firewalls, I'd like to
> know that too.

I doubt that it's that they didn't know how TCP works... they probably just
didn't care too much about people writing firewall rules. At a quick guess,
it's prolly something along the lines of FTP... which means you either need
some fairly large holes, or you'll need to write a proxy module for IPF to
support it (like the FTP and VPN proxies).

Perhaps if you provide some traffic dumps (not content, just flows) someone
might be able to help you.


-- 
Phil Dibowitz                             [EMAIL PROTECTED]
Open Source software and tech docs        Insanity Palace of Metallica
http://www.phildev.net/                   http://www.ipom.com/

"Never write it in C if you can do it in 'awk';
 Never do it in 'awk' if 'sed' can handle it; Never use 'sed' when 'tr'
 can do the job; Never invoke 'tr' when 'cat' is sufficient; Avoid
 using 'cat' whenever possible" -- Taylor's Laws of Programming

