Forum Discussion

Nimbostratus

Apr 24, 2009

blocking UDP ports

I have a wildcard virtual server for some UDP ports, but I would like to block client from reaching any UDP port that is lower than 6970. I have this iRule, but it doesn't seem to be behaving as I wou...

Nimbostratus

Apr 24, 2009

Turns out I was just a total moron and I was getting answers from an internal DNS server that I did not want to see. I modified the code a little so I could see what was going on, so I see that my rules works well:

 
 when CLIENT_ACCEPTED { 
 set udp_start 6970 
 set udp_dst [UDP::local_port] 
 if { $udp_dst >= $udp_start } { 
 pool pool_rtsp-sjl-4-UDP 
 } else { 
 log "Someone is creepin" 
 discard 
 } 
 }

And here is the log statement:

 
 Apr 24 16:46:51 tmm tmm[2210]: 01220002:6: Rule block_udp : Someone is creepin 
 Apr 24 16:46:56 tmm tmm[2210]: 01220002:6: Rule block_udp : Someone is creepin 
 Apr 24 16:47:01 tmm tmm[2210]: 01220002:6: Rule block_udp : Someone is creepin

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)