Date: Tue, 11 Nov 2003 12:00:10 -0000 From: "Simon Gray" <simong@desktop-guardian.com> To: "Shawn Guillemette" <shawn@guillemette.org>, <freebsd-questions@freebsd.org> Subject: Re: ipfw question Message-ID: <01ae01c3a84b$5bb0c1b0$1100a8c0@dtg17> References: <006201c3a7ff$a9b227b0$6701a8c0@tacstation>
next in thread | previous in thread | raw e-mail | index | archive | help
>63000 0 0 deny log logamount 100 udp from any to any 119 via sis0 >63000 24 1152 deny log logamount 100 tcp from any to any 135 via sis0 >63000 0 0 deny log logamount 100 udp from any to any 135 via sis0 >63000 is the rule number correct? >IM wondering what the other 2 places are.. >24 and 1152 if you're getting 0 on the other rules, it probably means its not running those rules. So therefore it won't actually log if it isn't get to that rule. also from the looks of things, if you're trying to block windows filesharing/smb you might want to block 135 - 139 both tcp/udp (instead of specifiying 135 in the rule add '135-139') rather than just 135 tcp/udp >Are they inbound and outbound? well depends (could be both yes), anything thats aimed at tcp 135 will be denied and logged >Do I make any sence? Not really :/ whats the question?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01ae01c3a84b$5bb0c1b0$1100a8c0>