I wasn't talking about filtering IPs, I'm talking about filtering by port. I have no problem with IP based filtering ;) On Thu, 10 Feb 2000, Paul Ferguson wrote: | At 06:13 PM 02/10/2000 -0800, Chris Cappuccio wrote: | | >Filtering incoming our outgoing ports for anybody's network but your own (not | >your customer's) is wrong. You know specifically what apps you are running. | >How can you know what your customer is running or what they want to do ? | | Excuse me, but can you please tell me what "application" a downstream | customer might be running which originates packets for traffic with | source addresses which they are not advertising (or you are advertising | for them)? | | - paul | | --- Gates' Law: Every 18 months, the speed of software halves.