[j-nsp] Block port 0 traffic
John Kristoff
jtk at northwestern.edu
Fri Oct 22 12:10:31 EDT 2004
On Thu, 14 Oct 2004 22:43:34 -0400 (EDT)
"Brian W. Gemberling" <bwgember at ptptech.com> wrote:
> You can use the from
> port 0;
> that should match either or, or both.
While others have mentioned fragments, please note that UDP messages
with source port equal to zero are normal and common. Many UDP-based
apps will set their source port to zero when they do not expect a reply
from the receiver. From RFC 768:
Source Port is an optional field, when meaningful, it indicates the port
of the sending process, and may be assumed to be the port to which a
reply should be addressed in the absence of any other information. If
not used, a value of zero is inserted.
John
More information about the juniper-nsp
mailing list