From owner-freebsd-questions Fri Sep 6 07:11:37 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA07100 for questions-outgoing; Fri, 6 Sep 1996 07:11:37 -0700 (PDT) Received: from al.imforei.apana.org.au (root@al.imforei.apana.org.au [202.12.89.41]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA07089 for ; Fri, 6 Sep 1996 07:11:26 -0700 (PDT) Received: (from pjchilds@localhost) by al.imforei.apana.org.au (8.7.5/8.7.3) id XAA10009; Fri, 6 Sep 1996 23:40:29 +0930 (CST) Date: Fri, 6 Sep 1996 23:40:29 +0930 (CST) From: Peter Childs Message-Id: <199609061410.XAA10009@al.imforei.apana.org.au> To: vam@recruiter.on.ca, freebsd-questions@freebsd.org Subject: Re: Firewall to keep out NetBIOS X-Newsreader: TIN [version 1.2 PL2] Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In article you wrote: : I'm trying to set up freebsd as a firewall to keep people on the internet : from accessing MS-Windows shared directories. [cut] : I want to keep out TCP and UDP traffic from ports 137, 138 and 139, so I : started with something like this: : /sbin/ipfw addf deny tcp from any to $1 137 : /sbin/ipfw addf deny tcp from $1 137 to any [cut] I'd probably just block everything going in and out on 137->139 on your slip link with something simple like... ipfw addf deny tcp from any to any 137:139 via sl0 I'm not to sure on the syntax, because it has changed a fair bit between the releases (2.1 -> 2.1-stables -> 2.1.5-release -> 2.1.5-stable ) Peter -- Peter Childs --- http://www.imforei.apana.org.au/~pjchilds Finger pjchilds@al.imforei.apana.org.au for public PGP key Drag me, drop me, treat me like an object!