Craig, Cat ---


Following info in TID10050437

http://support.novell.com/cgi-bin/se...?/10050437.htm

I think you'd end up by allowing all high traffic except:2000 through
on
*all* interfaces - which now sounds to me pretty deadly:

-----------8<---------------

The following is how it should now look'

Packet Information:
Packet Type: Dynamic 2000 Protocol: TCP
Destination Port(s): 1024-1999
Source Port(s): All
Source Address Type: Any Address
Destination Address Type: Any Address
(Press "escape" and select "yes" to save it)

------------>8------------------

If I look at a post from Cat on 19/02/2001 16:08 it seems quite
different:

remove the dynamic/tcp exception and create two packet filter
exceptions
as follows

packet type Tcp source port 1024-1999
source interface: public
dest interfacE: public
source IP address: public IP address of BM
dest IP address: any

packet type Tcp source port 2001-65535
source interface: public
dest interfacE: public
source IP address: public IP address of BM
dest IP address: any