Real Time Ascend Maling List Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ASCEND) Filter to block windows networking
These Filters block:
incoming data NetBEUI/TCPIP ports;
incoming Telnet to the router;
incoming data from any external host with the same IP as the LAN
(anti-spoofing)
Note that these are DATA filters, NOT CALL filters.
Name=IP Call
In filter 01...Valid=Yes
In filter 01...Type=IP
In filter 01...Generic...Offset=6
In filter 01...Ip...Protocol=6
In filter 01...Ip...Src Port #=137
In filter 01...Ip...Dst Port Cmp=Eql
In filter 01...Ip...Dst Port #=137
In filter 02...Valid=Yes
In filter 02...Type=IP
In filter 02...Generic...Offset=6
In filter 02...Ip...Protocol=6
In filter 02...Ip...Src Port #=138
In filter 02...Ip...Dst Port Cmp=Eql
In filter 02...Ip...Dst Port #=138
In filter 03...Valid=Yes
In filter 03...Type=IP
In filter 03...Generic...Offset=6
In filter 03...Ip...Protocol=6
In filter 03...Ip...Src Port #=139
In filter 03...Ip...Dst Port Cmp=Eql
In filter 03...Ip...Dst Port #=139
In filter 04...Valid=Yes
In filter 04...Type=IP
In filter 04...Generic...Offset=6
In filter 04...Generic...Mask=00000000ffffffff
In filter 04...Generic...Value=cc6b480200000000
In filter 04...Ip...Dst Mask=255.255.255.255
In filter 04...Ip...Dst Adrs=xxx.xxx.xxx.xxx <- Router Address
In filter 04...Ip...Protocol=6
In filter 04...Ip...Dst Port Cmp=Eql
In filter 04...Ip...Dst Port #=23
In filter 05...Valid=Yes
In filter 05...Type=IP
In filter 05...Generic...Length=65535
In filter 05...Generic...Mask=cc6b480000000000
In filter 05...Generic...More=
In filter 05...Ip...Src Mask=255.255.255.0
In filter 05...Ip...Src Adrs=xxx.xxx.xxx.0 <- Your IP Block
In filter 12...Valid=Yes
In filter 12...Generic...Forward=Yes
In filter 12...Ip...Forward=Yes
These Filters block OUTGOING accesses to foreign NetBEUI/TCPIP ports over the
WAN.
Out filter 01...Valid=Yes
Out filter 01...Type=IP
Out filter 01...Generic...Offset=6
Out filter 01...Generic...Value=0000000000000002
Out filter 01...Ip...Protocol=6
Out filter 01...Ip...Src Port Cmp=Eql
Out filter 01...Ip...Src Port #=137
Out filter 02...Valid=Yes
Out filter 02...Type=IP
Out filter 02...Generic...Offset=6
Out filter 02...Generic...Value=0000000000000002
Out filter 02...Ip...Protocol=6
Out filter 02...Ip...Src Port Cmp=Eql
Out filter 02...Ip...Src Port #=138
Out filter 03...Valid=Yes
Out filter 03...Type=IP
Out filter 03...Generic...Offset=6
Out filter 03...Generic...Value=0000000000000002
Out filter 03...Ip...Protocol=6
Out filter 03...Ip...Src Port Cmp=Eql
Out filter 03...Ip...Src Port #=139
Out filter 04...Generic...Forward=Yes
Out filter 04...Ip...Forward=Yes
Out filter 12...Valid=Yes
Out filter 12...Generic...Forward=Yes
Out filter 12...Ip...Forward=Yes
Hope this helps
Patrick
"Daniel J. Vance" <dvance@rvi.net> on 10/15/99 02:07:58 PM
To: "ascend mailing list" <ascend-users@bungi.com>
cc:
Subject: (ASCEND) Filter to block windows networking
Hi All,
I have a network that has a few computers on it that have windows networking
installed.
The computer that I'm concerned about has the ip address of xx.xxx.xxx.2
with the subnet mask of 255.255.255.0 I also have an ascend max 4048 for
dialup on that network. I am looking for a filter to place on my ascend max
4048 to drop any windows networking packets between my dialup customers and
the computers with windows networking.
Anyone have any ideas?
Sincerely,
Daniel J. Vance
Rogue Valley Internet, Inc.
Connecting Oregon to the World
phone: (541) 472-0733
email: support@rvi.net
225 SE 8th. St.
Grants Pass, OR 97526
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>