This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using ip protocol 250 in fw rules

Hi,
How I can use ip protocol 250 in fw rules.
I have software which connents to server
via ip protocol 250.
I want to place fw between client and server.

This thread was automatically locked due to age.

Parents

0 JimmyM over 22 years ago

Forgive my ignorance. Protocol 250?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 JimmyM over 22 years ago

Forgive my ignorance. Protocol 250?
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 dchik over 22 years ago in reply to JimmyM

Hello,
See below iptables log:

27 07:30:09 fw1 kernel: RULE 15 -- ACCEPT IN=eth1 OUT=eth0 SRC=xxx.xxx.xxx.xxx DST=xxx.xxx.xxx.xxx LEN=84 TOS=0x00 PREC=0x00 TTL=117 ID=97 PROTO=250

PROTO=250 is protocol which we have to insert
into astaro's fw rules

Thanks in advance
Cancel
Vote Up 0 Vote Down

Cancel
0 oliver.desch over 22 years ago in reply to dchik

hooray, someone found the scotty protocol and described it
in the ip protocol 250 - how to beam through IP

But maybe I am just stupid or have something overseen.
Could you please clarify what protocol 250 should be?
It appears as unassigned in RFC 1700.

read you
o|iver
Cancel
Vote Up 0 Vote Down

Cancel
0 dchik over 22 years ago in reply to oliver.desch

Hello,
I want to ask differently:
In iptables rule I can simply write:
IPTABLES -A OUTPUT -p 250 *************
and this rule will accept only the packets that
have PROTO=250 in packet header.

See bellow tcpdump log for that packets.

10:36:25.380181 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx:  ip-proto-250 56 (DF)
10:36:25.387587 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx:  ip-proto-250 70
10:36:25.395986 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx:  ip-proto-250 70
10:36:25.396263 xxx.xxx.xxx.xxx > xxx.xxx.xxx.xxx:  ip-proto-250 56 (DF)

I just need to know can I perform the same filtering using Astaro Firewall or not.
  [:S]
Cancel
Vote Up 0 Vote Down

Cancel