flashlightlens
Newly Enlightened
My boss just got fired, which leaves me as the underpaid network engineer. I need to make some changes on my PIX Firewall to limit SMTP access to certain IP addresses from Sprint. I've got it down to the fact that I need to change one of my "conduit" lines in the config to reflect the limites IP's. The current line reads:
conduit permit tcp host mailserver eq smtp any
Do I just add the IP's where "any" is now? The programming manual mentions needing the global_mask - is this really needed? Can I just make the line look like this:
conduit permit tcp host grpwise eq smtp 172.16.1.0 172.16.1.1 172.16.1.2 172.16.1.3 172.16.1.4 172.16.1.5
?????.......
Anyone?.......Bueller.........
conduit permit tcp host mailserver eq smtp any
Do I just add the IP's where "any" is now? The programming manual mentions needing the global_mask - is this really needed? Can I just make the line look like this:
conduit permit tcp host grpwise eq smtp 172.16.1.0 172.16.1.1 172.16.1.2 172.16.1.3 172.16.1.4 172.16.1.5
?????.......
Anyone?.......Bueller.........