12-29-2011, 06:27 PM
So, I've not dabbled with ACLs since school a decade back, but I'm trying to make a simple ACL to limit all traffic that does not originate from source ports relating to my game server.
All servers are on port 27015, with different IPs. I tried the following rule, which I thought would work:
Extended IP access list FWxxxxxxxxx_OUT
10 permit udp any range 27005 27016 any
20 deny udp any any
30 permit ip any any
But for some reason it does not. Should that rule block all incoming UDP traffic that is not originating from source ports in that range? Are there other ports I need to add to the exception list?
I ran Wireshark on a client while connecting and I sent no other information that was not inside that port range.
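
As an added illustration (not part of the original post), the Python sketch below applies first-match evaluation to the three entries quoted above and reports which entry each of a few constructed sample packets hits. It assumes standard Cisco IOS extended-ACL semantics, where a port operator placed after the source address matches the source port; the packet values and the helper names (`parse_acl`, `evaluate`) are made up for the example.

```python
import re
from typing import NamedTuple, Optional

# The three entries quoted in the post.
ACL_TEXT = """\
10 permit udp any range 27005 27016 any
20 deny udp any any
30 permit ip any any
"""

class Rule(NamedTuple):
    seq: int
    action: str
    proto: str
    sport: Optional[range]  # None means any source port

class Packet(NamedTuple):
    proto: str
    sport: int
    dport: int

# Only the syntax used in the post is supported (any/any, optional source range).
RULE_RE = re.compile(
    r"^(\d+) (permit|deny) (ip|udp|tcp) any(?: range (\d+) (\d+))? any$")

def parse_acl(text):
    rules = []
    for line in text.strip().splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            raise ValueError(f"unsupported ACL line: {line!r}")
        seq, action, proto, lo, hi = m.groups()
        sport = range(int(lo), int(hi) + 1) if lo else None  # range is inclusive
        rules.append(Rule(int(seq), action, proto, sport))
    return sorted(rules, key=lambda r: r.seq)

def evaluate(rules, pkt):
    """Return (sequence number, action) of the first matching entry."""
    for r in rules:
        if r.proto not in ("ip", pkt.proto):
            continue
        if r.sport is not None and pkt.sport not in r.sport:
            continue
        return r.seq, r.action
    return None, "deny"  # implicit deny at the end of every ACL

if __name__ == "__main__":
    samples = [  # constructed packets, not captured traffic
        Packet("udp", 27015, 27005),  # source port inside the range
        Packet("udp", 51000, 27015),  # game destination port, other source port
        Packet("udp", 53, 33000),     # unrelated UDP
        Packet("tcp", 443, 40000),    # non-UDP traffic
    ]
    for p in samples:
        print(p, "->", evaluate(parse_acl(ACL_TEXT), p))
```

Entry 10 never looks at the destination port, so a UDP packet addressed to port 27015 is still denied by entry 20 when its source port falls outside 27005-27016.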