Okay, I think I figured it out. This is the way it's supposed to be
ipchains -A input -d 0/0 netbios-ns -p UDP -j DENY
ipchains -A input -d 0/0 netbios-ssn -p UDP -j DENY
ipchains -A input -d 0/0 netbios-dgm -p UDP -j DENY
ipchains -A input -d 0/0 netbios-ns -p TCP -j DENY
ipchains -A input -d 0/0 netbios-ssn -p TCP -j DENY
ipchains -A input -d 0/0 netbios-dgm -p TCP -j DENY
It's a shame that you can't specify multiple -p options, it'd be even
simpler then.
Cheers.
Denis Voitenko
Tel: 856 809-9252
Mail: [EMAIL PROTECTED]
ICQ: 9396092
----- Original Message -----
From: Denis Voitenko <[EMAIL PROTECTED]>
To: Tim Coleman <[EMAIL PROTECTED]>; Jeffrey Hawkins <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, December 03, 1999 10:36 AM
Subject: Re: IPCHAIN Rule Set for denying forwarding of NETBIOS
> Why do the marked lines have to be there? You also call that rule before.
>
>
> > ipchains -A input -s 0.0.0.0/0 netbios-ns -p udp -j DENY
> > ipchains -A input -d 0.0.0.0/0 netbios-ns -p udp -j DENY
> > ipchains -A input -s 0.0.0.0/0 netbios-ssn -p udp -j DENY
> > ipchains -A input -d 0.0.0.0/0 netbios-ssn -p udp -j DENY
> > ***ipchains -A input -s 0.0.0.0/0 netbios-ns -p udp -j DENY <-- this
> > ipchains -A input -d 0.0.0.0/0 netbios-dgm -p udp -j DENY
> > ipchains -A input -s 0.0.0.0/0 netbios-ns -p tcp -j DENY
> > ipchains -A input -d 0.0.0.0/0 netbios-ns -p tcp -j DENY
> > ipchains -A input -s 0.0.0.0/0 netbios-ssn -p tcp -j DENY
> > ipchains -A input -d 0.0.0.0/0 netbios-ssn -p tcp -j DENY
> > ***ipchains -A input -s 0.0.0.0/0 netbios-ns -p tcp -j DENY <-- and
this
> > ipchains -A input -d 0.0.0.0/0 netbios-dgm -p tcp -j DENY
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-diald" in
> the body of a message to [EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
