I tried to setup a filter exception for webmin from the local to the
public interface for tcp
source port 1024-65530 dest port 10000
ack disabled
stateful inspection enabled

It failed with the output to the logger screen below.


I was able to get it working by changing the exception;
from the public interface - to the public interface.

This does not seem right to me. I beleive I have something configured
wrong. I purchased both of Craigs books but can't seem to understand
why I have to configure it this way. I only want outbound tcp to
destination port 10000.
Using an external port scanner did not show port 10000 open so it
behaves correctly.

Any comments would be appreciated.

--------------------------------------------------------------------

OUTBOUND packet to "Discard"

Protocol Type=(TCP) Protocol Flag=(SYN)

Source Address=(64.161.xxx.xxx) Destination Address=(68.121.xxx.xxx)

Source Port=(2122) Destination Port=(10000)

Source TOS=(Dynamic) Destination TOS=(Dynamic)

Source Interface=(2) Destination Interface=(2)

Source Circuit=(41852) Destination Circuit=(41852)

Source GroupID=(0) Destination GroupID=(0)





Discard filter rule from "Filters" list

Filter Protocol Type=(IP)

Source Interface Type=(BOARD) Destination Interface Type=(Any)

Source Address=(Any Address) Destination Address=(Any Address)

Source Interface Number=(2) Destination Interface Number=(0)

Source Port Range=(0-0) Destination Port Range=(0-0)

Source TOS=(Reserved) Destination TOS=(Reserved)

Source Group Name=(None) Destination Group Name=(None)

Source Group ID=(0) Destination Group ID=(0)

Source Remote System ID=(None) Destination Remote System ID=(None)

Source Circuit=(0) Destination Circuit=(0)


Rick