Original post: > I am a fairly new member of this list. I have just set up my linux machine at > home with ipmasquerading and diald. Everything works fine, EXCEPT: when I am > on a windows machine and double click my network neighborhood, it brings up > the link. I have sniffed the lan and found that the packets that are doing > this are the port 137, 138 and 139 that windows uses for netbios > communications. I have tried changing the standard.filter file, and have > tried different variations on the ipchains for trying to drop these packets. > But so far I have not hit the right combination. Solution: 1. Installed a dns server on my linux box. (Although I am not sure this is a requirement) 2. Put the following lines at the top of my standard.filter file. ignore udp udp.source=udp.netbios-ns,udp.dest=udp.netbios-ns ignore udp udp.dest=udp.netbios-ns ignore udp udp.source=udp.netbios-ns ignore udp udp.dest=udp.netbios-ssn ignore udp udp.source=udp.netbios-ssn ignore udp udp.dest=udp.netbios-dgm ignore udp udp.source=udp.netbios-dgm ignore tcp tcp.dest=tcp.netbios-ns ignore tcp tcp.source=tcp.netbios-ns ignore tcp tcp.dest=tcp.netbios-ssn ignore tcp tcp.source=tcp.netbios-ssn ignore tcp tcp.dest=tcp.netbios-dgm ignore tcp tcp.source=tcp.netbios-dgm At that point, everything worked. However, when the link came up when I double clicked on my browser, it would apparently time out. I would have to click on the refresh once the link was up. To eliminate this problem, I put the dns server in my windows box 3 times. This tells the windows machine to keep looking for an ip address on the second and even third dns server (even if it is the same one), after the first dns entry timed out. This eliminates the apparent dropped packets that the initial browser may experience. Thanks to the following people... Craig St George <[EMAIL PROTECTED]> Jake Colman <[EMAIL PROTECTED]> Stanislaw Gierlotka <[EMAIL PROTECTED]> [EMAIL PROTECTED] Jeffrey Hawkins <[EMAIL PROTECTED]> ---------------------------------- Dave McFerren: [EMAIL PROTECTED] Unix Consultant Collective Technologies "It never hurts to help" Eek the Cat ---------------------------------- - To unsubscribe from this list: send the line "unsubscribe linux-diald" in the body of a message to [EMAIL PROTECTED]
