Oh, I have a related question. I have a private Windows network behind a
Linux box that I use as a firewall and PPP dial-on-demand server so all my
Windows machines can get on the net thru a single modem.

Now I have filtered out most of the Windows NetBIOS traffic with the
following lines:

/sbin/ipchains -A forward -j DENY -p tcp -s 0.0.0.0/0 137:139
/sbin/ipchains -A forward -j DENY -p udp -s 0.0.0.0/0 137:139

But there is still the occasional traffic that makes the Linux box dial up,
even if the Windows machines are just sitting there, on. Does anyone have
any idea what it is and how to filter it?
Thanks,
Tim
----- Original Message -----
From: Ralf G. R. Bergs <[EMAIL PROTECTED]>
To: Chris Gill <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, May 25, 2000 2:25 PM
Subject: Re: How to filter DNS?
> On Thu, 25 May 2000 08:22:40 -0400 (EDT), Chris Gill wrote:
>
> >Hey folks. I asked here last week about a filtering bridge (or a bridging
> >filter). Thanks for the replies, it's working great. Well, there's one
> >problem. Clients are on one side, the DNS server on the other. And the
> >clients can't do lookups. My filtering rules are fairly strict, but I do
> >allow all non-SYN TCP packets to pass, and opened port 53 (which is the
> >DNS port, correct?) in both directions, but still no dice. Anybody know
> >what the trick is?
>
> The trick is that DNS is UDP, not TCP. :-)
>
>
> --
> Sign the EU petition against SPAM:          L I N U X       .~.
> http://www.politik-digital.de/spam/         The Choice      /V\
>                                              of a GNU      /( )\
>                                             Generation     ^^-^^
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-net" in
> the body of a message to [EMAIL PROTECTED]
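Added example, not part of the thread: a small first-match rule model that runs constructed packets through the two posted forward rules (where the range after -s is a source-port match) and through a port-53 rule set with and without UDP. The Rule class, the chain names, the sample packets and the chain policies (ACCEPT for the forward chain, DENY for the bridge) are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Tuple

ANY = (0, 65535)

@dataclass(frozen=True)
class Rule:
    target: str                   # "DENY" or "ACCEPT"
    proto: str                    # "tcp" or "udp"
    sport: Tuple[int, int] = ANY  # port range written after -s
    dport: Tuple[int, int] = ANY  # port range written after -d

    def matches(self, proto, sport, dport):
        return (proto == self.proto
                and self.sport[0] <= sport <= self.sport[1]
                and self.dport[0] <= dport <= self.dport[1])

def verdict(chain, packet, policy):
    """The first matching rule decides; otherwise the chain policy applies."""
    for rule in chain:
        if rule.matches(*packet):
            return rule.target
    return policy

# The two forward rules from the message: the range follows -s, so only the
# SOURCE port is compared.
POSTED = [Rule("DENY", "tcp", sport=(137, 139)),
          Rule("DENY", "udp", sport=(137, 139))]
# Assumed variant: the same ranges also matched as DESTINATION ports (-d).
BOTH_ENDS = POSTED + [Rule("DENY", "tcp", dport=(137, 139)),
                      Rule("DENY", "udp", dport=(137, 139))]
# Port 53 opened in both directions for TCP only, then for UDP as well.
DNS_TCP = [Rule("ACCEPT", "tcp", dport=(53, 53)),
           Rule("ACCEPT", "tcp", sport=(53, 53))]
DNS_BOTH = DNS_TCP + [Rule("ACCEPT", "udp", dport=(53, 53)),
                      Rule("ACCEPT", "udp", sport=(53, 53))]

# Constructed packets: (protocol, source port, destination port).
PACKETS = {
    "name query 137->137": ("udp", 137, 137),
    "session 1027->139": ("tcp", 1027, 139),
    "dns query 1028->53": ("udp", 1028, 53),
}

def report(chain, policy):
    return {name: verdict(chain, pkt, policy) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    for label, chain, policy in [("posted", POSTED, "ACCEPT"), ("both ends", BOTH_ENDS, "ACCEPT"),
                                 ("dns tcp", DNS_TCP, "DENY"), ("dns tcp+udp", DNS_BOTH, "DENY")]:
        print(label, report(chain, policy))
```

On a live box, adding -l to an ipchains rule logs the packets it matches, which gives the real protocol and port pairs to feed into a model like this.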