Forum Discussion
Josh_41258
Sep 24, 2009Nimbostratus
Sorry for the bump, but could someone help me out with the proper syntax for something like:
when CLIENT_ACCEPTED {
Check if requested port is outside 1000 - 2000
if { [TCP::client_port] < 1000 or [TCP::client_port] > 2000 or [TCP::client_port] not 3389 or [TCP::client_port] not 1500 or [TCP::client_port] not 161 }{
Drop request
drop
}
I'm trying to allow a range (12000-13000) and several individual ports, but drop/reject the rest.
Thanks,
Josh