[j-nsp] Disable telnet/ssh access from virtual routers

[Victor Sudakov]

Aaron Dewell wrote:
> 
> Apply a filter on lo0.0 which denies traffic from anything but your
> management IPs.  

But what if the customer is using the same IPs as my management IPs? 

> Or, put a filter on the VR interface denying all
> traffic destined to that IP itself.  

This may work, thank you, though it's not exactly elegant.


-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
sip:sudakov at sibptus.tomsk.ru