[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Rule with range of ports
I need to add a rule like this: Source Destination Range-of-ports Accept Where Range-of-ports can be from 1300-1500. One solution is to create one tcp object for each port (which mean 200++ objects) and then add these to a group and use the group in the rule. But it require a lot of work, and I guess such a rule will require a lot of CPU, or? Another way would be something like: Source Destination Range-0 Drop Source Destination Range-1 Drop Source Destination Any Accept Where Range-0 are ports below 1300 (< 1300), Range-1 are ports above 1500 (> 1500). The two drop-rules can be merged to one rule. What about the security of such a solution? Any other solutions? --- Jørn Yngve Dahl-Stamnes EDB Teamco, Trondheim [email protected] ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|