  1. #1
    Just Joined!
    Join Date
    Aug 2007
    Posts
    28

    deny broadcast on *.*.*.255


    Hi all,

    I use fwbuilder to create my iptables rule set on my Debian box. Now, in my network, there are more machines with Windows installed, and they send a lot of broadcast messages to e.g. 10.0.0.255 on ports 137-139. Now, my problem is, I don't want to deny everything to 10.0.0.255 on the above ports, because sometimes I'm in other networks (= other net addresses, e.g. 192.168.1.*), but also with Windows machines.

    Is there any way to define something like a 0.0.0.255/0.0.0.255 rule? This one doesn't work.

    Thanks for any ideas...
    raphael

  2. #2
    Linux Engineer RobinVossen
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    Well, I haven't taught myself how to set rules for iptables with the command line.
    But with the webmin module it's quite easy to set no traffic at
    *.*.*.255
    Maybe you should look into it.
    Hope that helped.
    New Users, please read this..
    Google first, then ask..

  3. #3
    Linux Guru Lazydog
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Well if you are never going to use Samba then you could just block those ports.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  4. #4
    Just Joined!
    Join Date
    Oct 2007
    Location
    Pennsylvania
    Posts
    31
    raphi078,

    Lazydog is right, if you're not using this Linux box as a gateway, and all traffic is sourced from the local box then....

    -A RH-Firewall-1-INPUT -i eth0 -p tcp -m tcp --dport 135:139 -j DROP

    Bitstreamer

  5. #5
    Linux Guru Lazydog
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Originally posted by bitstreamer:
    raphi078,

    Lazydog is right, if you're not using this Linux box as a gateway, and all traffic is sourced from the local box then....

    -A RH-Firewall-1-INPUT -i eth0 -p tcp -m tcp --dport 135:139 -j DROP

    Bitstreamer
    Be careful with what you post. Not everyone uses RH.
    In fact I find it stupid that RH does their firewall this way. Guess it's a RH thing.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  6. #6
    Just Joined!
    Join Date
    Oct 2007
    Location
    Pennsylvania
    Posts
    31

    Redhat

    Lazydog,

    I'm not using Redhat, I'm using CentOS.

    Seriously, my bad! Hope he got the point though.

    Bitstreamer

  7. #7
    Linux Guru Lazydog
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Cool, a fellow CentOS user!!

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted
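
An added example, not part of the thread and not any poster's code: one way to approach the original question without hard-coding a network address. It prints (does not apply) a rule that matches link-layer broadcasts with the iptables pkttype match, on UDP 137-138, the ports used by the NetBIOS name and datagram services, and it shows why a trailing-.255 mask is not the same thing as "broadcast" outside /24 networks. Assumptions: the pkttype match is available, eth0 is the interface as in post #4, and all function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Nothing is applied: the rule is only printed.

# Dotted quad -> 32-bit integer (subshell body, so the IFS change does not leak).
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Broadcast address of ADDR/PREFIX: the address with all host bits set to 1.
broadcast_of() {
    addr=$(ip_to_int "${1%/*}")
    prefix=${1#*/}
    int_to_ip $(( addr | ((1 << (32 - prefix)) - 1) ))
}

# The 0.0.0.255/0.0.0.255 test from the question: (address & mask) == mask.
ends_in_255() {
    [ $(( $(ip_to_int "$1") & 255 )) -eq 255 ]
}

# Rule that drops NetBIOS broadcasts on whatever network the interface is in,
# by matching the packet type instead of a destination address.
netbios_broadcast_rule() {
    echo "iptables -A INPUT -i $1 -m pkttype --pkt-type broadcast -p udp --dport 137:138 -j DROP"
}

# Constructed sample networks: the /26 broadcast is missed by a .255 mask,
# and in the /22 an ordinary host such as 172.16.5.255 would be matched.
for net in 192.168.1.10/24 192.168.1.10/26 172.16.5.4/22; do
    bc=$(broadcast_of "$net")
    if ends_in_255 "$bc"; then note="matched by a .255 mask"; else note="missed by a .255 mask"; fi
    echo "$net -> broadcast $bc ($note)"
done
netbios_broadcast_rule eth0
```

Review the printed rule and adjust the interface and chain to the local rule set before loading it.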
