AnsweredAssumed Answered

Disabling 'out of state' checks between certain hosts

Question asked by Leandro Nicoletti on Dec 14, 2018
Latest reply on Dec 14, 2018 by Dameon Welch-Abernathy

 I've read that it's possible to disabled 'out of state' check between subnets and certain hosts using the use.def.X using something like the example below.

I'm ok with the version of the user.def file I should be using, but my challenge is I have 5 source ip's of which any could be used to communicate with 10 destination ip's. Not sure how to reflect that in the example below.

Any ideas ?

 

/* Start of INSPECT modification - sk11088 */deffunc user_accept_non_syn() { ((dst = x.x.x.x) and (src = y.y.y.y)) or ((dst = y.y.y.y) and (src = x.x.x.x)) };/* End of INSPECT modification */

Outcomes