Firewall Wizards mailing list archives
Re: meaning of "both" in a filter statement
From: "Joseph S. D. Yao" <jsdy () cospo osis gov>
Date: Tue, 28 Jul 1998 13:44:46 -0400 (EDT)
My question is this. On some firewalls the interface spec also includes (besides terms for inside, outside, 3rd) a term "both." That means apply the permit/deny on traffic appearing at both inside (trusted) and outside (internet) interfaces. This at first glance seems absurd. It means that traffic going to D from S can move in either direction across the FW. A very unusual arrangement with almost no uses. Obviously there must be a more reasonable explanation. Has anyone found an explanation for what "both" really does?

Hal,

The distinction is between "can" and "may". Obviously, the IP "can" not go either way. But the file is saying that it "may". This makes much more sense when using rules with wild cards. E.g., deny e-mail in or out to and from all IP addresses on "both" interfaces, or allow Quake in and out to and from all IP addresses on "both" interfaces. ;-}

Capish?

--
Joe Yao jsdy () cospo osis gov - Joseph S. D. Yao
COSPO Computer Support EMT-A/B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
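
An added example, not part of the original message and not the rule syntax of any particular firewall: a small first-match filter model in which "both" means the rule is checked for packets arriving on either interface, using the deny-e-mail wildcard case from the reply. The Rule fields, addresses and sample policy are constructed for illustration.

```python
# Hypothetical rule model; field names and policy are assumptions, not a product's syntax.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    action: str   # "permit" or "deny"
    iface: str    # "inside", "outside" or "both"
    src: str      # CIDR; "0.0.0.0/0" is the wildcard
    dst: str
    dport: int    # destination port; 0 means any

def matches(rule, iface, src, dst, dport):
    """True if a packet seen arriving on `iface` matches the rule."""
    return (rule.iface in ("both", iface)
            and ip_address(src) in ip_network(rule.src)
            and ip_address(dst) in ip_network(rule.dst)
            and rule.dport in (0, dport))

def decide(rules, iface, src, dst, dport, default="deny"):
    """First matching rule wins; otherwise the default action applies."""
    for rule in rules:
        if matches(rule, iface, src, dst, dport):
            return rule.action
    return default

def expand(rule):
    """Rewrite a "both" rule as the equivalent pair of per-interface rules."""
    if rule.iface != "both":
        return [rule]
    return [Rule(rule.action, i, rule.src, rule.dst, rule.dport)
            for i in ("inside", "outside")]

ANY = "0.0.0.0/0"
# Constructed policy: deny SMTP (port 25) in or out, permit the rest from the inside net.
POLICY = [
    Rule("deny", "both", ANY, ANY, 25),
    Rule("permit", "inside", "10.0.0.0/8", ANY, 0),
]
EXPANDED = [r for rule in POLICY for r in expand(rule)]

if __name__ == "__main__":
    packets = [("inside", "10.1.2.3", "192.0.2.10", 25),    # outbound mail
               ("outside", "192.0.2.10", "10.1.2.3", 25),   # inbound mail
               ("inside", "10.1.2.3", "192.0.2.10", 80),    # outbound web
               ("outside", "192.0.2.10", "10.1.2.3", 80)]   # unsolicited inbound
    for p in packets:
        print(p, decide(POLICY, *p), decide(EXPANDED, *p))
```

The single wildcard "both" rule and its two-rule expansion give the same decision for every packet, which is why the keyword is a shorthand for permission on either interface, not a claim about which way a given packet travels.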