Forum Discussion
Michael_Jenkins
Jan 20, 2015
Cirrostratus
How about trying this and seeing what you get in the logs:
when CLIENT_ACCEPTED {
    # Check whether the client IP is defined in the allowed-clients data group (Admin_Data_Group)
    log local0. "IP address: [IP::client_addr]"
    if { [class match [IP::client_addr] equals Admin_Data_Group] } {
        # Client in allowed IP list, so no more checks. ALLOW ACCESS
        log local0. " ALLOWED by IP address"
        return
    }
    log local0. "Source Port: [TCP::remote_port]"
    # Source port falls in the allowed range (50000-59999), so allow the connection
    if { [TCP::remote_port] >= 50000 && [TCP::remote_port] <= 59999 } {
        log local0. " IP in ALLOW range"
        return
    }
    # Drop any connections that don't fit the previous criteria
    log local0. "IP and Port checks failed. DROPPING connection"
    drop
}