Blocking windows messages

To: Debian-firewall@lists.debian.org
Subject: Blocking windows messages
From: Matthew Kopishke <Matt@Kopishke.org>
Date: Wed, 7 Apr 2004 09:14:33 -0400
Message-id: <[🔎] 82CF6E81-8895-11D8-A186-0003938BA5DE@Kopishke.org>

We have been getting a few windows messages as of late so I added thefollowing rules to my firewall:


iptables -A FORWARD -p tcp -d ! $SERVERIP --dport 135:139 -j DROP
iptables -A FORWARD -p udp -d ! $SERVERIP --dport 135:139 -j DROP

iptables -A FORWARD -p tcp -m iprange --dst-range $FULLRANGE --dport445 -j DROPiptables -A FORWARD -p udp -m iprange --dst-range $FULLRANGE --dport445 -j DROP

$SERVERIP is a machine that needs 135 - 139 open, so the way I read therule is that unless it's going to $SERVERIP on 135 - 139 drop it, butthe windows messages still seem to be getting through. Oh, and$FULLRANGE is just a range of IPs I'm doing this for. In this case itcould have been done just as easily as a block with a netmask, but Iguess I wasn't thinking at the moment.


Matt

Reply to:

Prev by Date: Re: no way to get out
Next by Date: Re: Blocking windows messages
Previous by thread: Re: anti spoofing / network address
Next by thread: Re: Blocking windows messages
Index(es):
- Date
- Thread