"Mauro J. Jaskelioff" wrote:
> If the HiperARC disconnects you, it could be that you're trying to assign a
> filter that is not defined in the HiperArc.
> You should add two filters: mail.in and mail.out
> If you only want to filter incoming packets set the mail.out to
>
> #filter
> IP:
> 10 ACCEPT dst-addr = 0.0.0.0/0;
>
> To check that a filter has been assigned to an interface you could do a
> show session username (where username is any of the sessions that appears
> in "list session")
>
> At 13:56 10/03/1999 -0800, you wrote:
> >When I tell Hiper ARC to "add filter mail.in" is that what it should be?
> >Presently I just put in as " add filter mail" and it does not work. The
> Hiper ARC
> >keeps disconnecting me.
> >
> >"Geoffrey L. Scully" wrote:
> >
> >> I applied it to the interfaces. But it does not make a difference.
> They still
> >> surf just like before. Not working for some reason.
> >>
> >> Mauro Jaskelioff wrote:
> >>
> >> > If you apply the filter to the interface, everyone willl be filtered.
> >> > Unless this is what you want, don;t apply the filter to the interface.
> Just
> >> > create a mail.in and a mail.out. In RADIUS the filter-id attribute
> should be
> >> > set to "mail".
> >> > The DNS is important so your users could use smtp.yourdomain.com
> as SMTP
> >> > server in their mail client
> >> > Remember that .in is traffic coming from the dial-up user to the NAS, and
> >> > .out is traffic going from the NAS to the Dial-up user.
> >> >
> >> > -----Mensaje original-----
> >> > De: Geoffrey L. Scully <info@olynet.com>
> >> > Para: radiusnt@iea-software.com <radiusnt@iea-software.com>
> >> > Fecha: Martes, 09 de Marzo de 1999 07:20 p.m.
> >> > Asunto: Re: [RadiusNT] Filters
> >> >
> >> > >I named them email and emailout. Then I set the interfaces to use
> input as
> >> > >email and output as emailout. Then I make the two extra attributes in
> >> > Radius as
> >> > >framed-filter "email" and framed-filter "emailout", correct? Why is the
> >> > DNS
> >> > >port important for output?
> >> > >
> >> > >Mauro Jaskelioff wrote:
> >> > >
> >> > >> For most NASes you set the filter name in Radius (ie: Filter-Id=mail )
> >> > and
> >> > >> then you define in the NAS two filters, mail.in and mail.out. This
> is the
> >> > >> most standard procedure. The HiperArc also has others way to define
> >> > filters,
> >> > >> though.
> >> > >>
> >> > >> -----Mensaje original-----
> >> > >> De: Geoff <info@olynet.com>
> >> > >> Para: radiusnt@iea-software.com <radiusnt@iea-software.com>
> >> > >> Fecha: Martes, 09 de Marzo de 1999 03:47 p.m.
> >> > >> Asunto: Re: [RadiusNT] Filters
> >> > >>
> >> > >> >How do you determine whether it is an input or output filter. I
> thought
> >> > it
> >> > >> >just worked both ways.
> >> > >> >----- Original Message -----
> >> > >> >From: Mauro Jaskelioff <mauro@citynet.net.ar>
> >> > >> >To: <radiusnt@iea-software.com>
> >> > >> >Sent: Tuesday, March 09, 1999 4:21 AM
> >> > >> >Subject: RE: [RadiusNT] Filters
> >> > >> >
> >> > >> >
> >> > >> >>You'll probable want to allow port 53 (DNS).
> >> > >> >>since you're using tcp-src-port, make sure you apply this to the
> .out
> >> > >> >>filter.
> >> > >> >>
> >> > >> >>-----Mensaje original-----
> >> > >> >>De: Geoffrey L. Scully <info@olynet.com>
> >> > >> >>Para: radiusnt@iea-software.com <radiusnt@iea-software.com>
> >> > >> >>Fecha: Martes, 09 de Marzo de 1999 02:41 a.m.
> >> > >> >>Asunto: [RadiusNT] Filters
> >> > >> >>
> >> > >> >>
> >> > >> >>>Hey, should this be a good filter for email only on a 3COM Hiper
> >> > >> >>>chassis?
> >> > >> >>>
> >> > >> >>>
> >> > >> >>>#filter
> >> > >> >>>IP:
> >> > >> >>>001 ACCEPT tcp-src-port = 25;
> >> > >> >>>002 ACCEPT tcp-src-port = 110;
> >> > >> >>>003 ACCEPT tcp-src-port = 119;
> >> > >> >>>004 DENY;
> >> > >> >>>
> >> > >> >>>
> >> > >> >>>For more information about this list, including removal, please
> >> > >> >>>see this URL: http://www.iea-software.com/maillist.html
> >> > >> >>>
> >> > >> >>
> >> > >> >>
> >> > >> >>For more information about this list, including removal, please
> >> > >> >>see this URL: http://www.iea-software.com/maillist.html
> >> > >> >
> >> > >> >
> >> > >> >For more information about this list, including removal, please
> >> > >> >see this URL: http://www.iea-software.com/maillist.html
> >> > >> >
> >> > >>
> >> > >> For more information about this list, including removal, please
> >> > >> see this URL: http://www.iea-software.com/maillist.html
> >> > >
> >> > >
> >> > >For more information about this list, including removal, please
> >> > >see this URL: http://www.iea-software.com/maillist.html
> >> > >
> >> >
> >> > For more information about this list, including removal, please
> >> > see this URL: http://www.iea-software.com/maillist.html
> >>
> >> For more information about this list, including removal, please
> >> see this URL: http://www.iea-software.com/maillist.html
> >
> >
> >For more information about this list, including removal, please
> >see this URL: http://www.iea-software.com/maillist.html
> >
> >
> *********************************
> * Mauro J. Jaskelioff *
> * mauro@citynet.net.ar *
> * Depto Técnico *
> * Citynet S.A. *
> * http://www.citynet.com.ar *
> * Ciudad Internet *
> * http://www.ciudad.com.ar *
> *********************************
>
> For more information about this list, including removal, please
> see this URL: http://www.iea-software.com/maillist.html
For more information about this list, including removal, please
see this URL: http://www.iea-software.com/maillist.html