[j-nsp] juniper-nsp Digest, Vol 55, Issue 33
Niels Bakker
niels=juniper-nsp at bakker.net
Thu Jun 28 07:44:36 EDT 2007
* kanagaraj at aims.com.my (Kanagaraj Krishna) [Thu 28 Jun 2007, 13:22 CEST]:
> Aren't the incoming filters used to filter access to certain
> services/port into the router? I'm curious on how an external response
> (from a telnet request) could be affected unless it tries to respond to
> port 80 of the initiator which in normal circumstances is not likely.
> Any comments?
Obviously it responds from port 80. It's a TCP connection. See another
poster's comment on "tcp-established".
>/Kana
>> ----- Original Message -----
>> From: David Ball
>>
>> It very likely IS allowing OUTgoing telnet, even without the
>> adjustment in your filter. The problem is, it's not allowing the
>> response from the (assumed) web server in the INbound direction, hence
>> your need for the allowance in your input filter.
--
More information about the juniper-nsp
mailing list