On Tue, Apr 25, 2017 at 10:11 AM, Brian Kantor Brian@ucsd.edu wrote:
These are the rules that route AMPRNet traffic to and from the ipip daemon (FreeBSD ipfw syntax):
# # AMPR routing # # table(1) contains all registered/routable 44net addrs. # table(2) contains all registered gateways.
# outbound encapsulated packets # should go only to registered gateways 00100 allow ipencap from me to 'table(2)'
# inbound encapsulated packets # should only come from registered gateways 00200 allow ipencap from 'table(2)' to me
# filter the 44net input side of things # valid destination addresses go to the router socket: ipipd 00300 divert 4444 ip from any to 'table(1)' in not dst-port 111,135-139,445,1025-1028,1900,2323,5353,7547
# filter the 44net output side of things 00400 allow ip from 'table(1)' to any
Is there a default deny rule?
Tom KD7LXL