>
> Jephe Wu writes:
> >
> > try the following command.
> >
> > /sbin/ipfwadm -F -a deny -S 0.0.0.0 netbios-ns -P tcp
> > /sbin/ipfwadm -F -a deny -S 0.0.0.0 netbios-ns -P udp
> > /sbin/ipfwadm -F -a deny -S 0.0.0.0 netbios-dgm -P tcp
> > /sbin/ipfwadm -F -a deny -S 0.0.0.0 netbios-dgm -P udp
> > /sbin/ipfwadm -F -a deny -S 0.0.0.0 netbios-ssn -P tcp
> >
> > if okay, then add them to /etc/rc.d/rc.local
>
> Nope- didn't work. Good to have, though. Isn't this acting on the packets
> on the PPP link, not the ethernet, and therefore not affected by diald?
>
> I'm going to have to wade through the logfiles again and make double sure
> of what I'm seeing.
>
We had that problem. It is not the netbios packets themselves (which
the ipfwadm rules above would stop), but the brain-damaged DNS lookups
that WIN95 boxes make for no apparent reason. They try to do a DNS lookup
on their workgroup at regular (12 minute?) intervals. God only knows
why.
You can see this with tcpdump (as root)
/usr/sbin/tcpdump -s 512 port domain
Should show you all the dns lookups happening on your lan.
We stopped this by changing (from memory) one of the settings in the
network configuration for file sharing for msoft windows. Something
like
control panel -> networks
pick file sharing for microsoft windows, properties
turn off lm announce or something like that
Sorry I can't be more specific. Home is a (nearly *) Microsoft free
environment.
Anyone else remember exactly how to do this?
-- cary
* Will be as soon as I get the wife moved from Dos WordPerfect 5.0 to
applixware and I replace the damn microsoft mouse!
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
