[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] [Qube2] ICMP IP Filtering

Subject: Re: [cobalt-users] [Qube2] ICMP IP Filtering
From: Gordon <root@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon May 1 10:28:29 2000

On Sun, 30 Apr 2000, Mike Vanecek wrote:
> but allows all stations and the server to ping out. Of course, it does not
> show up in the GUI IP filter rule list which may explain why the Cobalt
> Customer Service rep did not to give me instructions or advice on how to do
> it. Maybe Cobalt needs to improve the GUI IP Filter list to include ICMP

Wll, you would think you could set port numbers -/, but the qube isn't
really sold as a general purpose router....still hard to beat a nice cisco
(sorry cobalt -)

Now that you can't ping it, how about other things like 'port unreachable'
messages so you can't traceroute? 

Actully, why did you want to make it unpingable? being unpingable in and
of itself is kinda overrated as a security measure...

> Such a simple solution once you know how. I had read the man several times,
> but it just did not make sense until I read the replies to my post.

ipfwadm is probably the most cryptic utility around, really, the
documentation assumes that you know an awfull lot about the gory details
of how tcp works, probably more than necessary, and the rather large
number of combinations possible between interfaces/addresses/protocol
types/ports etc doesn't exactlly help...

Follow-Ups:
- Re: [cobalt-users] [Qube2] ICMP IP Filtering
  - From: Mike Vanecek

References:
- Re: [cobalt-users] [Qube2] ICMP IP Filtering
  - From: Mike Vanecek

Prev by Date: [cobalt-users] mail errors
Next by Date: Re: [cobalt-users] Web Page Templates
Previous by thread: Re: [cobalt-users] [Qube2] ICMP IP Filtering
Next by thread: Re: [cobalt-users] [Qube2] ICMP IP Filtering

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index