Date: Mon, 21 Aug 2000 00:00:30 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: Dan Larsson <dl@tyfon.net> Cc: FreeBSD Questions List <questions@FreeBSD.ORG> Subject: Re: Howto do protocol filtering on FreeBSD Message-ID: <20000821000030.D28027@149.211.6.64.reflexcom.com> In-Reply-To: <Pine.BSF.4.21.0008210837360.38260-100000@hq1.tyfon.net>; from dl@tyfon.net on Mon, Aug 21, 2000 at 08:39:32AM %2B0200 References: <20000819000533.P28027@149.211.6.64.reflexcom.com> <Pine.BSF.4.21.0008210837360.38260-100000@hq1.tyfon.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Aug 21, 2000 at 08:39:32AM +0200, Dan Larsson wrote: > On Sat, 19 Aug 2000, Crist J . Clark wrote: > > | On Sat, Aug 19, 2000 at 12:53:25AM +0200, Dan Larsson wrote: > | > Let's say I only want to allow IP based traffic through > | > my router how do I filter out all other protocols? > | > | Well, a FreeBSD router isn't going to route anything but IP and > | possibly IPv6 unless you make efforts to do otherwise. What kind of > | traffic are you trying to drop? > > Well, basically everything that is not traffic to or from an internet > resource using tcp. (such as netbios over ip) NetBIOS over IP is still IP. It also does use TCP and UDP. If you want to block it, best off blocking UDP and TCP ports 137-139. Otherwise, your router would have to be inspecting packets above the network and transport layers, and that's probably not really something a router should be doing. -- Crist J. Clark cjclark@alum.mit.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000821000030.D28027>