I've forgotten what happens with UDP, but I think you still get a record of a TCP attempt with IPTRAF even if it is firewalled. Check the number of packets replied in the iptraf listing. If the connection is dropped by the FW then my iptraf just shows 1 packet in, but zero packets out.
Cameron. > -----Original Message----- > From: Edward Dekkers [mailto:edward@;tripled.iinet.net.au] > Sent: Tuesday, 12 November 2002 10:56 > To: [EMAIL PROTECTED] > Subject: netbios packets & firewall > > > Thanks to someone's suggestions on using iptraf, I found that > although I thought I had a fairly safe firewall, SOME > (admittedly very rare) netbios packets still get thrown on to > the ppp interface. I believe it only happens when someone > logs in, or when they search my LAN for active printers etc. > I'm not too worried, as this is pretty much normal Windows > behaviour. However, it is ofcourse unnecessary for Linux to > forward these packets. > > The two in question are netbios-ss/tcp and netbios-ns/udp. > > I *THINK* I can add these rules myself (although an example > would be appreciated), BUT, I don't want to detriment my > client PCs speed by selecting the wrong option (timeouts etc). > > Does anyone know what would be better? DENY or DROP? > > Regards, > > --- > Edward Dekkers (Director) > Triple D Computer Services P/L > > > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
