SUMMARY: T3 and IPFilter

From: Roetman, Paul <>
Date: Mon Nov 21 2005 - 17:54:20 EST
Thanks to Daryl McKinnon, Anthony Florendo and Mike Box

General consensus was to allow all from the T3 through to the
server...on the grounds that the T3 is in the datacenter. The amount of
trouble required to break in through the T3's IP address is way above
what we are trying to manage here!



-----Original Message-----
[] On Behalf Of Roetman, Paul
Sent: Tuesday, 15 November 2005 9:27 AM
Subject: T3 and IPFilter


Has anyone configured a T3 to converse with a Sun box (2.8) with
pfil/IPFilter seems to use different from and to ports
every time it connects (this process seems to be tied in with explorer

A couple of weeks ago, I had it talking correctly with this line, where
the server is, and the t3 is

pass in quick proto tcp from port 1110 >< 1124 to
port 59769 >< 58000 keep state

but then this week, it fails with this error message:

Nov 14 06:32:57 ipmon[12577]: [ID 702911 local0.warning]
06:32:56.713727 hme0 @0:2 b,1166 ->,64080 PR tcp len 20
44 -S IN

and on another T3, I had a different address range again!

T3 Manuals, Google, Bigadmin and SunManager Archives do not give any


sunmanagers mailing list
sunmanagers mailing list
Received on Mon Nov 21 17:54:57 2005

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:53 EST