[lug] iptables smb
Harris, James
James_Harris at maxtor.com
Fri Apr 19 09:06:48 MDT 2002
I'm still in the dark ages and haven't used tables, but I can confirm what
you need to block. I assume since you're targeting port 139, you're
probably intending to block NetBIOS broadcasts?
Here's all of the stuff you want to block on the Internet side: You'll
probably see 137:139/udp being your biggest amount of traffic (broadcasts
are done on udp, which is the most important thing to block.)
netbios-ns 137/tcp NETBIOS Name Service
netbios-ns 137/udp NETBIOS Name Service
netbios-dgm 138/tcp NETBIOS Datagram Service
netbios-dgm 138/udp NETBIOS Datagram Service
netbios-ssn 139/tcp NETBIOS Session Service
netbios-ssn 139/udp NETBIOS Session Service
-----Original Message-----
From: j davis [mailto:davis_compz at hotmail.com]
Sent: Thursday, April 18, 2002 18:24
To: lug at lug.boulder.co.us
Subject: [lug] iptables smb
yo,
would this block outgoing smb from my firewall to internet
if placed in the OUTPUT chain of nat table. eth0 is public ip (gateway)
/sbin/iptables -A OUTPUT -p tcp -o eth0 --sport 139 -j DROP
i have seen how my daemons will pass an established connection to a different
port
but i'm thinking this will stop an initial connection.
thanks
jd
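Added example, not part of the original thread: one way to drop the ports listed in the reply (137-139, udp and tcp) on the Internet-facing interface. It assumes eth0 is the public interface as in the question, puts the rules in the filter table, and matches on destination port, because an outgoing connection to a remote NetBIOS service has 137-139 as its destination port while its source port is ephemeral. The function name netbios_rules and the --apply switch are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread). Assumption: eth0 is the public NIC.

# netbios_rules IFACE
# Print one iptables command per line that drops NetBIOS traffic crossing
# IFACE in either direction. Rules go in the filter table (the default when
# -t is omitted) and match --dport, not --sport.
netbios_rules() {
    iface=$1
    # Refuse empty or odd interface names so the generated commands cannot
    # carry extra shell syntax when they are piped into sh.
    case $iface in
        ''|*[!A-Za-z0-9._-]*)
            echo "netbios_rules: bad interface name" >&2
            return 1 ;;
    esac
    for proto in udp tcp; do
        # Leaving through IFACE: OUTPUT covers the firewall's own daemons,
        # FORWARD covers LAN hosts routed through the gateway.
        for chain in OUTPUT FORWARD; do
            echo "iptables -A $chain -o $iface -p $proto --dport 137:139 -j DROP"
        done
        # Arriving on IFACE from the Internet side.
        for chain in INPUT FORWARD; do
            echo "iptables -A $chain -i $iface -p $proto --dport 137:139 -j DROP"
        done
    done
}

# Dry run by default: nothing is changed unless --apply is given (needs root).
if [ "${1:-}" = "--apply" ]; then
    netbios_rules eth0 | sh -e
fi
```

Call `netbios_rules eth0` on its own to review the eight generated rules before loading them.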