[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] Rule with range of ports
Specify your portnumber as 800-950 (gives you 152 ports)
Trond
-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Tuesday, October 17, 2000 11:55 AM
To: [email protected]
Subject: [FW1] Rule with range of ports
I need to add a rule like this:
Source Destination Range-of-ports Accept
Where Range-of-ports can be from 1300-1500. One solution is to create one
tcp object for each port (which mean 200++ objects) and then add these to a
group and use the group in the rule. But it require a lot of work, and I
guess such a rule will require a lot of CPU, or?
Another way would be something like:
Source Destination Range-0 Drop
Source Destination Range-1 Drop
Source Destination Any Accept
Where Range-0 are ports below 1300 (< 1300), Range-1 are ports above 1500 (>
1500). The two drop-rules can be merged to one rule. What about the security
of such a solution?
Any other solutions?
---
J�rn Yngve Dahl-Stamnes
EDB Teamco, Trondheim
[email protected]
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================