Date: Fri, 30 Mar 2001 20:10:36 -0500 From: James Housley <jim@thehousleys.net> To: Rick Knebel <rknebel@uplink.net> Cc: questions@freebsd.org Subject: Re: udp ports Message-ID: <3AC52E8C.7B60850C@thehousleys.net> References: <p05001900b6eadc7e72bb@[192.168.1.2]>
next in thread | previous in thread | raw e-mail | index | archive | help
Rick Knebel wrote: > > Hi, > > i have a small home network and firewall running on my freebsd box. > I have 3 other computers that use it as a gateway to the internet and > file sharing through Samba. > > I am tying to block the udp ports 137 and 138 so that I can still use > samba but people on the outside cannot see these ports. > > I have tried now for 1 week to do this but no matter how I try when I > have my computer scanned people can see my workgroup and netbios name > and it says that ports 137 and 138 are visible. > > I guess I cannot get this syntax of the commands right. > I am using the following rules successfully, vx0 is my external interface. ipfw add deny tcp from any to any 137-139 via vx0 ipfw add deny udp from any to any 137-139 via vx0 You were missing port 139. Jim -- /"\ ASCII Ribbon Campaign . \ / - NO HTML/RTF in e-mail . X - NO Word docs in e-mail . / \ ----------------------------------------------------------------- jeh@FreeBSD.org http://www.FreeBSD.org The Power to Serve jim@TheHousleys.Net http://www.TheHousleys.net --------------------------------------------------------------------- Unix is very user-friendly. It's just picky who its friends are. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AC52E8C.7B60850C>