Hi forum.
I'm stuck with some tag-rules.
Servers should be able to initialize connection with other servers and non-servers (aka. everyone).
Non-servers should not be able to initialize connection to anyone at all.
Simplified version:
    tag server
      id 1000
      enum 10 No
      enum 20 Yes
      default No
    ;
    drop
      chr tcp_syn
      and not chr tcp_ack
      and not ipsrc 10.144.0.1/32
    ;
    accept;
The above is working, since my test-server is located at 10.144.0.1/32, but I need it to work with the tag ‘server’, and not specific IP.
I have tried with an accept-rule in between, accepting the tag ‘server’, playing around with tdiff, but nothing seems to do it for me.
Any ideas?
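
One way to express the policy above with the tag instead of the address, as an added example that is not part of the original post. It assumes the ZeroTier flow-rule match `tseq` (sender's tag equals a value) and that server members have the `server` tag set to 20 (Yes) in the controller.

```text
# Added example, not from the original post.
# Assumption: server members have the tag set to Yes (20) in the
# controller; every other member inherits the default, No (10).
tag server
  id 1000
  enum 10 No
  enum 20 Yes
  default No
;

# Drop a TCP connection attempt (SYN without ACK) unless the sending
# member carries server = 20. tseq looks only at the sender's tag,
# whereas tdiff and teq compare the sender's and receiver's tags with
# each other, so they cannot state "sender is a server, receiver is
# anyone".
drop
  chr tcp_syn
  and not chr tcp_ack
  and not tseq server 20
;

accept;
```

Like the rule in the post, this only governs TCP handshakes; all other traffic still reaches the final `accept`.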