Hi

My server (fedora 5) is receiving hundreds of scans on port 135 everyday. It's normal, I know. That's why I'm trying to drop all packets to/from port 135 with iptables (version 1.3.5). But when I look at the network traffic with iptraf 3.0.0, it still shows packets arriving on port 135.

Can somebody take a look at my iptables config file? As you can see, I tried everything!
Is iptraf catching packets before iptables?

# Generated by iptables-save v1.3.5 on Fri Mar 30 17:49:54 2007
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [16303:6247268]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -p tcp -m multiport --dports 135 -j DROP
-A INPUT -p udp -m multiport --dports 135 -j DROP
-A INPUT -p tcp -m tcp --dport 135 -j DROP
-A INPUT -p udp -m udp --dport 135 -j DROP
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A OUTPUT -p tcp -m multiport --sports 135 -j DROP
-A OUTPUT -p udp -m multiport --sports 135 -j DROP
-A OUTPUT -p udp -m udp --sport 123 -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 135 -j DROP
-A OUTPUT -p udp -m udp --sport 135 -j DROP
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 123 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 9081 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 22 -m iprange --src-range 444.444.444.444-555.555.555.555 -j ACCEPT
-A RH-Firewall-1-INPUT -s 333.333.333.333 -p tcp -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Mar 30 17:49:54 2007
# OF COURSE THE IP ADDRESSES SHOWED ABOVE WHERE CHANGED

Thank you

Marcos