Date: Wed, 19 Jan 2005 10:01:31 -0800 From: Erick Mechler <emechler@techometer.net> To: "Sherman, Michael (GE Energy)" <michael.sherman@og.ge.com> Cc: FreeBSD-security@freebsd.org Subject: Re: ipf question Message-ID: <20050119180131.GL19851@techometer.net> In-Reply-To: <6BBE5C5603D0D611A06F0002A5D6556405FAA185@nyschx22psge.sch.ge.com> References: <6BBE5C5603D0D611A06F0002A5D6556405FAA185@nyschx22psge.sch.ge.com>
next in thread | previous in thread | raw e-mail | index | archive | help
:: pass in quick on xl0 proto tcp/udp from any to any port 137 <> 139 keep :: state This line allows in all tcp and udp ports less than 137 and greater than 139, which is exactly what you don't want :) If you want to allow all ports 137-139 inclusive, you need to change it to ... port 136 >< 140 keep state The < and > operators are not inclusive. Cheers - Erick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050119180131.GL19851>