Lewis Bergman wrote:
PD TC wrote:
hello,
We are new to the Total Controls and have been using Portmasters. We have been searching the manuals, the Internet and the maillist archives (through google searches) but have not found the answers for some questions.
On our portmasters, we can set up firewall scripts/filters to block denial of service attacks by blocking ip traffic directly to the ip address of the portmaster on its ethernet port except for our local network, dns, and radius servers external to us.
Is there a way to do this on the Total control? If so, what exactly do we need to do to implement it? Sorry, here is an example of what we filter and is an example of the syntax.
HiPer>> show file virus.in #filter IP: 10 ACCEPT dst-addr=0.0.0.0; 20 REJECT tcp-dst-port=135; 30 REJECT tcp-dst-port=137; 40 REJECT tcp-dst-port=138; 50 REJECT tcp-dst-port=139; 60 REJECT tcp-dst-port=445; 70 REJECT udp-dst-port=135; 80 REJECT udp-dst-port=137; 90 REJECT udp-dst-port=138; 100 REJECT udp-dst-port=139; 110 REJECT udp-dst-port=445; 120 REJECT tcp-src-port=135; 130 REJECT tcp-src-port=137; 140 REJECT tcp-src-port=138; 150 REJECT tcp-src-port=139; 160 REJECT tcp-src-port=445; 170 REJECT udp-src-port=135; 180 REJECT udp-src-port=137; 190 REJECT udp-src-port=138; 200 REJECT udp-src-port=139; 210 REJECT udp-src-port=445;