20 Oct 2020, 3:16 p.m.
Might filtering port 11211 like that not risk blocking random connections, where the operating system picked that port as source, which then becomes destination on the reply packets?

On Tue, 20 Oct 2020 at 07:19, Randy Bush <randy@psg.com> wrote:
term blocked-ports {
    from {
        protocol [ tcp udp ];
        first-fragment;
        destination-port [ 0 sunrpc 135 netbios-ns netbios-dgm netbios-ssn 111 445 syslog 11211 ];
    }
    then {
        sample;
        discard;
    }
}
and i block all external access to weak devices such as switches, pdus, ipmi, ...
randy
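
The concern raised in the reply, worked through as an added example that is not part of the original thread: a Python model of the quoted term, applied to reply packets whose destination port is the client's source port. It assumes `first-fragment` behaves as a fragment-offset-0 match, resolves the service names to their IANA port numbers, and uses constructed source-port ranges; all function and variable names are hypothetical.

```python
# Stateless model of the quoted "blocked-ports" term (added example, not from the thread).
# Service names resolved to IANA numbers: sunrpc=111, netbios-ns/dgm/ssn=137/138/139,
# syslog=514. 111 appears twice in the original list (as "sunrpc" and as "111").
BLOCKED_PORTS = {0, 111, 135, 137, 138, 139, 445, 514, 11211}
PROTOCOLS = {"tcp", "udp"}


def term_discards(proto, dst_port, frag_offset=0):
    """True if the term would discard this packet.

    Assumption: first-fragment is modelled as fragment offset 0, so trailing
    fragments (offset > 0) never match this term.
    """
    return proto in PROTOCOLS and frag_offset == 0 and dst_port in BLOCKED_PORTS


def reply_discarded(proto, client_src_port):
    """An inbound reply carries the client's source port as its destination port.

    The filter keeps no state, so it cannot tell this reply from a new
    connection aimed at a service listening on that port.
    """
    return term_discards(proto, client_src_port)


def colliding_ports(low, high):
    """Blocked ports that a host could pick as a source port from [low, high]."""
    return sorted(p for p in BLOCKED_PORTS if low <= p <= high)


# Source-port ranges to check. The first two are well-known defaults; the third
# is a constructed worst case (for example a NAT pool using every unprivileged port).
SOURCE_RANGES = {
    "IANA dynamic ports": (49152, 65535),
    "Linux default ip_local_port_range": (32768, 60999),
    "all unprivileged ports (constructed)": (1024, 65535),
}

if __name__ == "__main__":
    for name, (low, high) in SOURCE_RANGES.items():
        hits = colliding_ports(low, high)
        share = len(hits) / (high - low + 1)
        print(f"{name}: colliding ports {hits}, share of range {share:.6f}")
    # Constructed case: an outbound UDP query that happened to leave from port 11211.
    print("reply to source port 11211 discarded:", reply_discarded("udp", 11211))
    print("reply to source port 40000 discarded:", reply_discarded("udp", 40000))
```
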