From owner-freebsd-questions Fri Mar 30 17: 5:44 2001 Delivered-To: freebsd-questions@freebsd.org Received: from rknebel.uplink.net (rknebel.uplink.net [209.173.88.243]) by hub.freebsd.org (Postfix) with ESMTP id 42CA237B71B for ; Fri, 30 Mar 2001 17:05:40 -0800 (PST) (envelope-from rknebel@uplink.net) Received: from [192.168.1.2] (mac.uplink.net [192.168.1.2]) by rknebel.uplink.net (8.11.1/8.11.1) with ESMTP id f2V14CR54974 for ; Fri, 30 Mar 2001 20:04:17 -0500 (EST) (envelope-from rknebel@uplink.net) Mime-Version: 1.0 X-Sender: rknebel@rknebel.uplink.net Message-Id: Date: Fri, 30 Mar 2001 20:05:26 -0500 To: questions@freebsd.org From: Rick Knebel Subject: udp ports Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, i have a small home network and firewall running on my freebsd box. I have 3 other computers that use it as a gateway to the internet and file sharing through Samba. I am tying to block the udp ports 137 and 138 so that I can still use samba but people on the outside cannot see these ports. I have tried now for 1 week to do this but no matter how I try when I have my computer scanned people can see my workgroup and netbios name and it says that ports 137 and 138 are visible. I guess I cannot get this syntax of the commands right. One person suggested this: ipfw add deny udp 137 from outbound interface to inbound interface ipfw add deny udp 137 from inbound interface to outbound interface This did not work. Can anyone help me or give a suggestion? Thanks Rick -- Rick Knebel rknebel@uplink.net http://members.tripod.com/~Rick_Knebel/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message