I want access to work, and to the internet, but I want my appletalk network to be my own personal home network. So I want to block appletalk packets. (The call filter that comes with the Pipeline 25 doesn't block any packets at all. It is for people who use Ethertalk, and want to bridge it, but don't want to place ISDN calls based on random or incidental Ethertalk traffic.) The filter to block all Ethertalk packets is much simpler than the Call filter.
Block Appletalk #this is what I named the filter Output 01 Generic #don't forward appletalk packets Forward=No Offset=14 Length=8 Mask=ffffff000000ffff Value=aaaa03000000809b #809b is appletalk ethernet proto number More=No 02 Generic #don't forward appletalk AARP packets Forward=No Offset=14 Length=8 Mask=ffffff000000ffff Value=aaaa0300000080f3 #80f3 is appletalk AARP ethernet proto number More=No 03 Generic #forward everything else Forward=Yes Offset=0 Length=0 Mask=0000000000000000 Value=0000000000000000 More=NoI've also had problems where Mbone traffic on the OSU end of the line has flooded my ISDN line. The following filter is used on the OSU end (on a Pipeline 50), to block this traffic, as well as hide campus Ethertalk from my network.
Output 01 IP #block multicast packets Forward=No Src Mask=0.0.0.0 Src Adrs=0.0.0.0 Dst Mask=255.0.0.0 Dst Adrs=18.104.22.168 #all multicast addresses start with 224 Protocol=0 Src Port Cmp=None Src Port #=N/A Dst Port Cmp=None Dst Port #=N/A TCP Estab=N/A 02 Generic #the rest is the same as the P25 filter Forward=No Offset=14 Length=8 Mask=ffffff000000ffff Value=aaaa03000000809b More=No 03 Generic Forward=No Offset=14 Length=8 Mask=ffffff000000ffff Value=aaaa0300000080f3 More=No 04 Generic Forward=Yes Offset=0 Length=0 Mask=0000000000000000 Value=0000000000000000 More=NoThe Ascend FAQ has a good reference that lists well known IP port numbers, IP protocol numbers, and Ethernet protocol numbers.
|Send Me Email