Firewall Wizards mailing list archives

Re: meaning of "both" in a filter statement


From: "Joseph S. D. Yao" <jsdy () cospo osis gov>
Date: Tue, 28 Jul 1998 13:44:46 -0400 (EDT)

My question is this.  On some firewalls the interface spec also includes (besides terms for inside, outside, 3rd) a
term "both." That means apply the permit/deny on traffic appearing at both inside (trusted) and outside (internet) 
interfaces. 

This at first glance seems absurd.  It means that traffic going to D from S can move in either direction across the
FW. A very unusual arrangement with almost no uses. Obviously there must be a more reasonable explanation.

Has anyone found an explanation for what "both" really does?

Hal,

The distinction is between "can" and "may".  Obviously, the IP "can"
not go either way.  But the file is saying that it "may".

This makes much more sense when using rules with wild cards.  E.g.,
deny e-mail in or out to and from all IP addresses on "both"
interfaces, or allow Quake in and out to and from all IP addresses on
"both" interfaces.  ;-}

Capish?

--
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO Computer Support                                          EMT-A/B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
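
An added example, not part of the original message and not any firewall product's syntax: a minimal first-match filter in which a rule's interface field is `inside`, `outside` or `both`, run over the wildcard e-mail case from the reply and over a single S to D pair. The rule format, addresses, port numbers and all names are constructed for illustration.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

# Constructed rule format: iface is "inside", "outside" or "both".
Rule = namedtuple("Rule", "action iface src dst dport")
Packet = namedtuple("Packet", "iface src dst dport")  # iface = arrival interface

def matches(rule, pkt):
    """A "both" rule ignores the arrival interface; other fields still apply."""
    return (rule.iface in ("both", pkt.iface)
            and ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst)
            and rule.dport == pkt.dport)

def decide(rules, pkt, default="deny"):
    """First matching rule wins; unmatched packets get the default."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default

def expand_both(rules):
    """Rewrite each "both" rule as an inside rule followed by an outside rule."""
    out = []
    for r in rules:
        names = ("inside", "outside") if r.iface == "both" else (r.iface,)
        out.extend(r._replace(iface=n) for n in names)
    return out

ANY = "0.0.0.0/0"  # wildcard address
RULES = [
    Rule("deny", "both", ANY, ANY, 25),                        # no e-mail in or out
    Rule("permit", "both", "10.1.1.5/32", "192.0.2.9/32", 80),  # one S -> D pair
]
# Constructed packets; 10.1.1.0/24 is assumed to sit behind the inside interface.
SAMPLE = [
    Packet("inside", "10.1.1.7", "198.51.100.3", 25),   # mail out
    Packet("outside", "198.51.100.3", "10.1.1.7", 25),  # mail in
    Packet("inside", "10.1.1.5", "192.0.2.9", 80),      # S -> D where it can appear
    Packet("outside", "10.1.1.5", "192.0.2.9", 80),     # S -> D where it only "may"
    Packet("outside", "192.0.2.9", "10.1.1.5", 80),     # D -> S: not the same rule
]

def verdicts(rules):
    return [decide(rules, p) for p in SAMPLE]

if __name__ == "__main__":
    for p, v in zip(SAMPLE, verdicts(RULES)):
        print(v, p)
```

In this model `both` widens only the interface match: the S to D rule permits that pair on either interface, but it does not permit the reversed D to S pair, and replacing each `both` rule with an inside/outside pair gives the same verdicts.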
