It's easier to type those 8 lines than change configs on 40 machines :-)
How'd windows be able to see networked machines if it'd be castrated this
way?
Denis Voitenko
Tel: 856 809-9252
Mail: [EMAIL PROTECTED]
ICQ: 9396092
----- Original Message -----
From: Matt Hoppes <[EMAIL PROTECTED]>
To: Denis Voitenko <[EMAIL PROTECTED]>
Cc: Linux - Diald <[EMAIL PROTECTED]>
Sent: Friday, December 03, 1999 9:57 AM
Subject: Re: IPCHAIN Rule Set for denying forwarding of NETBIOS
> Dare I ask why you can't just disable the Browser option in the network so
> that windowd eson't try to be the network browser?!?!?! That fixes the
> whole thing.. and make sure IPX/SPX isn't installed
>
>
> On Fri, 3 Dec 1999, Denis Voitenko wrote:
>
> > Date: Fri, 3 Dec 1999 12:15:46 -0800
> > From: Denis Voitenko <[EMAIL PROTECTED]>
> > To: Denis Voitenko <[EMAIL PROTECTED]>, Tim Coleman <[EMAIL PROTECTED]>,
> Jeffrey Hawkins <[EMAIL PROTECTED]>
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: IPCHAIN Rule Set for denying forwarding of NETBIOS
> >
> > Okay, I think I figured it out. This is the way it's supposed to be
> >
> > ipchains -A input -d 0/0 netbios-ns -p UDP -j DENY
> > ipchains -A input -d 0/0 netbios-ssn -p UDP -j DENY
> > ipchains -A input -d 0/0 netbios-dgm -p UDP -j DENY
> > ipchains -A input -d 0/0 netbios-ns -p TCP -j DENY
> > ipchains -A input -d 0/0 netbios-ssn -p TCP -j DENY
> > ipchains -A input -d 0/0 netbios-dgm -p TCP -j DENY
> >
> > It's a shame that you can't specify multiple -p options, it'd be even
> > simpler then.
> >
> > Cheers.
> >
> > Denis Voitenko
> > Tel: 856 809-9252
> > Mail: [EMAIL PROTECTED]
> > ICQ: 9396092
> >
> >
> > ----- Original Message -----
> > From: Denis Voitenko <[EMAIL PROTECTED]>
> > To: Tim Coleman <[EMAIL PROTECTED]>; Jeffrey Hawkins <[EMAIL PROTECTED]>
> > Cc: <[EMAIL PROTECTED]>
> > Sent: Friday, December 03, 1999 10:36 AM
> > Subject: Re: IPCHAIN Rule Set for denying forwarding of NETBIOS
> >
> >
> > > Why do the marked lines have to be there? You also call that rule
before.
> > >
> > >
> > > > ipchains -A input -s 0.0.0.0/0 netbios-ns -p udp -j DENY
> > > > ipchains -A input -d 0.0.0.0/0 netbios-ns -p udp -j DENY
> > > > ipchains -A input -s 0.0.0.0/0 netbios-ssn -p udp -j DENY
> > > > ipchains -A input -d 0.0.0.0/0 netbios-ssn -p udp -j DENY
> > > > ***ipchains -A input -s 0.0.0.0/0 netbios-ns -p udp -j DENY <--
this
> > > > ipchains -A input -d 0.0.0.0/0 netbios-dgm -p udp -j DENY
> > > > ipchains -A input -s 0.0.0.0/0 netbios-ns -p tcp -j DENY
> > > > ipchains -A input -d 0.0.0.0/0 netbios-ns -p tcp -j DENY
> > > > ipchains -A input -s 0.0.0.0/0 netbios-ssn -p tcp -j DENY
> > > > ipchains -A input -d 0.0.0.0/0 netbios-ssn -p tcp -j DENY
> > > > ***ipchains -A input -s 0.0.0.0/0 netbios-ns -p tcp -j DENY <-- and
> > this
> > > > ipchains -A input -d 0.0.0.0/0 netbios-dgm -p tcp -j DENY
> > >
> > >
> > >
> > > -
> > > To unsubscribe from this list: send the line "unsubscribe linux-diald"
in
> > > the body of a message to [EMAIL PROTECTED]
> >
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe linux-diald"
in
> > the body of a message to [EMAIL PROTECTED]
> >
>
> *~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
> * It's an Acid! *
> * No, It's a Base! *
> * Wait Kids... Don't Argue! It's Both! It's Amphiprotic! *
> *~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
>
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
