Re: (ASCEND) Need Filter-Entry

To: smb@pnm.net
Subject: Re: (ASCEND) Need Filter-Entry
From: Adam Chappell <adamc@colt.net>
Date: 13 Jan 1998 11:53:47 +0000
Cc: ascend-users@bungi.com
In-Reply-To: "Stefan M. Brandl"'s message of Tue, 13 Jan 1998 09:44:52 +0100
References: <19980113094452.05089@fireblade.pnm.net>
Sender: owner-ascend-users@max.bungi.com

"Stefan M. Brandl" <smb@pnm.net> writes:

> Hi there,
> I need a radius filter entry that allows smtp-connections only to one
> single host. Connections to any other host on port 25 should be denied.
> Connectoins on all other ports should be allowed to any host.
> 
> Can anyone give me an example-entry?

I think this is what you want. Scratch the comments and plug these
four filter entries into your RADIUS profile.

# Allow only connections we're interested in and let the implicit drop
# rule deal with the rest.

# Allow TCP to and from goodhost [1.2.3.4] on SMTP port
 Ascend-Data-Filter = "ip in forward dstip 1.2.3.4/32 tcp dstport = 25"
 Ascend-Data-Filter = "ip out forward srcip 1.2.3.4/32 tcp srcport = 25"

# Allow any TCP where the port involved is not SMTP
 Ascend-Data-Filter = "ip in forward tcp dstport != 25"
 Ascend-Data-Filter = "ip out forward tcp srcport != 25"

Best of luck.

-- Adam.
 

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Follow-Ups:

Re: (ASCEND) Need Filter-Entry

From: Adam Chappell <adamc@colt.net>

References:

(ASCEND) Need Filter-Entry

From: "Stefan M. Brandl" <smb@pnm.net>

Prev by Date: Re: (ASCEND) Need Filter-Entry
Next by Date: Re: (ASCEND) APEX Rapid Transit modem
Prev by thread: (ASCEND) Need Filter-Entry
Next by thread: Re: (ASCEND) Need Filter-Entry
Index(es):
- Main
- Thread