shawn at guillemette.org
Tue Nov 11 04:35:53 PST 2003
I'm really only blocking 135 due to the MSBlaster and others... no Samba yet
----- Original Message -----
From: "Simon Gray" <simong at desktop-guardian.com>
To: "Shawn Guillemette" <shawn at guillemette.org>;
<freebsd-questions at freebsd.org>
Sent: Tuesday, November 11, 2003 7:00 AM
Subject: Re: ipfw question
> >63000 0 0 deny log logamount 100 udp from any to any 119 via
> >63000 24 1152 deny log logamount 100 tcp from any to any 135 via
> >63000 0 0 deny log logamount 100 udp from any to any 135 via
> >63000 is the rule number, correct?
> >I'm wondering what the other 2 places are..
> >24 and 1152
> If you're getting 0 on the other rules, it probably means it's not running
> those rules.
> So therefore it won't actually log if it isn't getting to that rule.
> Also, from the looks of things, if you're trying to block Windows
> filesharing/SMB you might want to block 135 - 139 both tcp/udp (instead
> of specifying 135 in the rule, add '135-139') rather than just 135 tcp/udp.
> >Are they inbound and outbound?
> Well, depends (could be both, yes), anything that's aimed at tcp 135 will be
> denied and
> >Do I make any sense?
> Not really :/ What's the question?
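
The counters discussed in this thread can be read directly from `ipfw show` output, where each line is the rule number, a packet count and a byte count, followed by the rule itself. The script below is an added example, not part of the original messages; its sample lines are constructed from the quoted rules with the cut-off interface clause left out, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): summarise the counters in `ipfw show`.
# Line layout of `ipfw show`: <rule number> <packets> <bytes> <rule body>

# Constructed sample modelled on the rules quoted above; the truncated
# "via ..." clause is omitted rather than guessed.
sample_rules() {
cat <<'EOF'
63000  0    0 deny log logamount 100 udp from any to any 119
63000 24 1152 deny log logamount 100 tcp from any to any 135
63000  0    0 deny log logamount 100 udp from any to any 135
EOF
}

# Reads `ipfw show` text on stdin and prints one summary line per rule.
# Several rules may share one rule number, so every line is reported.
summarize_counters() {
    awk '
    # Ignore anything that does not begin with three numeric fields.
    $1 !~ /^[0-9]+$/ || $2 !~ /^[0-9]+$/ || $3 !~ /^[0-9]+$/ { next }
    {
        rule = $1; pkts = $2; bytes = $3
        body = $4
        for (i = 5; i <= NF; i++) body = body " " $i
        if (pkts == 0) {
            # A zero counter means no packet has matched this rule since
            # the counters were last reset, so it has logged nothing.
            printf "rule %s: never matched: %s\n", rule, body
        } else {
            printf "rule %s: %d packets, %d bytes (avg %d bytes/packet): %s\n",
                   rule, pkts, bytes, bytes / pkts, body
        }
    }'
}

# Demonstration on the constructed sample. On a live FreeBSD host the
# equivalent (as root) would be:  ipfw show | summarize_counters
sample_rules | summarize_counters
```

For the tcp 135 rule this reports 24 packets and 1152 bytes, an average of 48 bytes per packet, which is consistent with blocked connection attempts rather than data transfer.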