Forum Discussion
iRule Exception Help
I have this rule set up on Virtual serverA to allow communication to happen only on the ports listed below. I now want to set it so it doesn't run through the rule below when this incoming IP (192.x.x.20) hits it. The IP 192.x.x.20 is a server I want to be the only exception to this rule (no filtration) when it hits serverA. How do I make this happen?
Thank you.
when CLIENT_ACCEPTED {
    # Check if requested port equals the port numbers below
    if { not (
        [TCP::local_port] == 25 or
        [TCP::local_port] == 53 or
        [UDP::local_port] == 53 or
        [UDP::local_port] == 67 or
        [TCP::local_port] == 88 or
        [UDP::local_port] == 88 or
        [UDP::local_port] == 123 or
        [TCP::local_port] == 135 or
        [UDP::local_port] == 137 or
        [UDP::local_port] == 138 or
        [TCP::local_port] == 139 or
        [TCP::local_port] == 389 or
        [UDP::local_port] == 389 or
        [TCP::local_port] == 443 or
        [TCP::local_port] == 445 or
        [UDP::local_port] == 445 or
        [TCP::local_port] == 464 or
        [UDP::local_port] == 464 or
        [TCP::local_port] == 636 or
        [TCP::local_port] == 1433 or
        [UDP::local_port] == 2535 or
        [TCP::local_port] == 3268 or
        [TCP::local_port] == 3269 or
        [TCP::local_port] == 3389 or
        [TCP::local_port] == 5722 or
        [TCP::local_port] == 8014 or
        [TCP::local_port] == 9389 or
        [TCP::local_port] == 49155
    ) } {
        # Drop request
        drop
    }
}
I would try with:
if { not [IP::addr [IP::client_addr] equals "192.x.x.20"] } {
    if { not ( [TCP::local_port] == 25 or [TCP::local_port] == 53 or [UDP::local_port] == 53 or ... ) } {
        # Drop request
        drop
    }
}
- Sonny_J_Bonds_1Nimbostratus
Works like a charm DevBabu, thank you - I really appreciate that. I came very close to having something similar, was missing a closing bracket.
Thanks again.
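The exception discussed in this thread, written out as a complete iRule; this is an added example and not code posted by anyone in the thread. It goes slightly beyond the answer by moving the exempt address and the port lists into data groups and by checking TCP and UDP ports separately. The data group names (exempt_hosts, allowed_tcp_ports, allowed_udp_ports) are hypothetical and must exist on the BIG-IP, and dropping protocols other than TCP and UDP is an assumption of this example.

```tcl
# Added example. Assumed (hypothetical) data groups:
#   exempt_hosts       type address  - sources that bypass the port filter,
#                                      e.g. the single host 192.x.x.20
#   allowed_tcp_ports  type integer  - TCP ports from the original rule
#   allowed_udp_ports  type integer  - UDP ports from the original rule
when CLIENT_ACCEPTED {
    # Exception first: an exempt source skips the port filter entirely.
    # Keep this data group to host entries so the bypass stays as narrow
    # as the single server the thread asks for.
    if { [class match [IP::client_addr] equals exempt_hosts] } {
        return
    }

    # IP::protocol returns the IP protocol number: 6 = TCP, 17 = UDP.
    switch [IP::protocol] {
        6 {
            if { not [class match [TCP::local_port] equals allowed_tcp_ports] } {
                # Drop request
                drop
            }
        }
        17 {
            if { not [class match [UDP::local_port] equals allowed_udp_ports] } {
                # Drop request
                drop
            }
        }
        default {
            # Assumption of this example: anything that is neither TCP
            # nor UDP is not on the allow list, so it is dropped.
            drop
        }
    }
}
```

Because the bypass is keyed only on source address, every port on the virtual server is reachable from that host, so the exempt list should be reviewed whenever the server's address changes.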