$IPCH -A input -j ACCEPT -p tcp -s 0/0 -d $EX_IP 1024:9099 -i $EXTERN_IF
In the past, I've run a similar setup, and those ports should already be closed on the external interface. You will, however, need to make sure that you've enabled access to those ports on the internal interface.
$IPCH -A input -j ACCEPT -p tcp -s 0/0 -d $EX_IP 9103:65535 -i $EXTERN_IF
Should this go to policy or rules?
This should: close printer ports 9100, 9101, and 9102 on external interface.
What rule would that be?
Andrey
I believe you can put that in rules, so:
ACCEPT loc fw tcp 9100
-arif
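
Added example, not part of either post in the thread: a small Python check that parses the two ipchains ACCEPT lines quoted above and reports which TCP ports in 1024-65535 they leave unaccepted. It assumes the input chain denies anything not explicitly accepted on the external interface; the function names are hypothetical.

```python
import re

# Constructed input: the two ACCEPT rules quoted in the thread, verbatim.
RULES = """\
$IPCH -A input -j ACCEPT -p tcp -s 0/0 -d $EX_IP 1024:9099 -i $EXTERN_IF
$IPCH -A input -j ACCEPT -p tcp -s 0/0 -d $EX_IP 9103:65535 -i $EXTERN_IF
"""

# ipchains puts the destination port (or lo:hi range) right after the -d address.
DEST_PORTS = re.compile(r"-d\s+\S+\s+(\d+)(?::(\d+))?")


def accepted_ranges(rules_text):
    """Return sorted (lo, hi) destination-port ranges from '-j ACCEPT' lines."""
    ranges = []
    for line in rules_text.splitlines():
        if "-j ACCEPT" not in line:
            continue
        m = DEST_PORTS.search(line)
        if not m:
            ranges.append((0, 65535))  # no port given: rule matches every port
            continue
        lo = int(m.group(1))
        hi = int(m.group(2)) if m.group(2) else lo
        ranges.append((min(lo, hi), max(lo, hi)))
    return sorted(ranges)


def uncovered(ranges, lo=1024, hi=65535):
    """Return the port ranges inside [lo, hi] that no ACCEPT range covers."""
    gaps, cursor = [], lo
    for r_lo, r_hi in ranges:
        if r_hi < cursor:
            continue
        if r_lo > hi:
            break
        if r_lo > cursor:
            gaps.append((cursor, r_lo - 1))
        cursor = max(cursor, r_hi + 1)
    if cursor <= hi:
        gaps.append((cursor, hi))
    return gaps


if __name__ == "__main__":
    # Assumption: default policy drops whatever these rules do not accept.
    for g_lo, g_hi in uncovered(accepted_ranges(RULES)):
        print(f"not accepted on external interface: tcp {g_lo}-{g_hi}")
```
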
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html