I'm banging my head against the wall trying to get a filter exception
going. Basically we have a Java app that needs inbound and outbound
exceptions for ports 39427, 39428, and 39429. Unloading ipflt will
allow the app to work.


------

I've set up my exceptions this way outbound for each port:


Source Interface Type: Interface
Source Interface: E1000_1 (Private)
Source Circuit:

Destination Interface Type: Interface
Destination Interface: PUBLIC (Public)
Destination Circuit:

Packet Type: STS Protocol: TCP
Src Port(s): 1024-65535 Dest Port(s): 39427
ACK Bit Filtering: Disabled Stateful Filtering: Enabled

Src Addr Type: Any Address
Src IP Address:
Dest Addr Type: Any Address
Dest IP Address:
Logging: Disabled
Comment: For the STS java program

---------

And then I've set up the inbound exceptions this way:

Source Interface Type: Interface
Source Interface: PUBLIC (Public)
Source Circuit:

Destination Interface Type: Interface
Destination Interface: E1000_1 (Private)
Destination Circuit:

Packet Type: STS2_Inbound Protocol: TCP
Src Port(s): 39428 Dest Port(s): 1024-65535
ACK Bit Filtering: Disabled Stateful Filtering: Enabled

Src Addr Type: Any Address
Src IP Address:
Dest Addr Type: Any Address
Dest IP Address:
Logging: Disabled
Comment:

-----

So in total, there are 6 exceptions. I've tried it with both stateful
filtering and without stateful filtering. I've tried to use the filter
debug process as per Craig's filters book. Any ideas what I'm messing
up?


--
IanSVT