Setting up an IPCHAIN rule set for NETBIOS will not prevent the
DNS NETBIOS Name Resolution Requests, coming from you Windows
Machine, from bringing up your link. The reaon is that the request
is a DNS Message, not NETBIOS. You will need to configure a
local caching DNS Server for your Network.
Jeff
----- Original Message -----
From: Murthy Raju <[EMAIL PROTECTED]>
To: Jeffrey Hawkins <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, February 09, 2000 2:24 PM
Subject: Re: also having the Netbios problem
> Hi,
>
> Is denying traffic on the ports used by net-bios traffic 137 to 139 using
> IPchains
>
> /sbin/ipchains -A forward -s 0.0.0.0/0 -j DENY
>
> an option?
>
> I remember reading about it somewhere. But
> Jeff's registry tweaking utility solved my problem a few weeks ago. But it
> may be too much of a trouble when there are large number of windows
> clients. Something on the server side will be helpful.
>
> regards
> Murthy Raju
>
>
>
> At 12:10 AM 2/9/00 -0500, Jeffrey Hawkins wrote:
> >Steve,
> >
> >Something a sent out a few months back....
> >
> >The Windows Machines are causing the Link to be brought up due
> >to that they are trying to use DNS for NETBIOS Name Resolution.
> >This is a little quirk with Windows Networking. With WinNT
> >Systems you can easily disable this by TCP/IP Protocol Network
> >Control Panel Dialog Setting related to WINS Addressing. With
> >Win9x Systems it is a little trickier in that you must modify a Registry
> >Setting. Attached is a Registry Edit Macro File which will change
> >the DNS Enable. Note, once this Macro is run, it will appear
> >that all DNS functionality is disabled when you look at the Networking
> >Control Panel DNS Dialogue -- this is not the case, only DNS related
> >to NETBIOS Name Resolution is disabled. If you need to perform
> >further DNS Edits (such as add DNS Servers), then enable DNS
> >from the DNS Dialogue, perform changes, save, and then reapply
> >the Registry Macro.
> >
> >In addition to the above, you may want to filter all NETBIOS traffic
> >from causing DIALD from activating the Link. Below are the filter
> >rules you will need to add to your filter file:
> >
> >ignore udp udp.source=udp.netbios-ns,udp.dest=udp.netbios-ns
> >ignore udp udp.dest=udp.netbios-ns
> >ignore udp udp.source=udp.netbios-ns
> >ignore udp udp.dest=udp.netbios-ssn
> >ignore udp udp.source=udp.netbios-ssn
> >ignore udp udp.dest=udp.netbios-dgm
> >ignore udp udp.source=udp.netbios-dgm
> >ignore tcp tcp.dest=tcp.netbios-ns
> >ignore tcp tcp.source=tcp.netbios-ns
> >ignore tcp tcp.dest=tcp.netbios-ssn
> >ignore tcp tcp.source=tcp.netbios-ssn
> >ignore tcp tcp.dest=tcp.netbios-dgm
> >ignore tcp tcp.source=tcp.netbios-dgm
> >
> >
> >Jeff
> >
> >
> >----- Original Message -----
> >From: Steve Arnold <[EMAIL PROTECTED]>
> >To: <[EMAIL PROTECTED]>
> >Sent: Tuesday, February 08, 2000 11:19 PM
> >Subject: Re: also having the Netbios problem
> >
> >
> >> Craig St George wrote:
> >>
> >> > I hope someone finds that registry setting I m also haveing the
problem
> >> > when a Win95 or Win98 client checks its POP account on the server it
> >fires
> >> > off a nameserver lookup for some reason
> >> >
> >> > I have put the client names in my host file but that doesn't help any
> >> > If anyone has nay ideas please let me know
> >>
> >> Try putting your local hostnames in c:\windows\lmhosts
> >>
> >> Steve
> >>
> >> -
> >> To unsubscribe from this list: send the line "unsubscribe linux-diald"
in
> >> the body of a message to [EMAIL PROTECTED]
> >>
> >
> >
> >
> >
> >
> >
> >-
> >To unsubscribe from this list: send the line "unsubscribe linux-diald" in
> >the body of a message to [EMAIL PROTECTED]
> >
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-diald" in
> the body of a message to [EMAIL PROTECTED]
>
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
