> iptables -A INPUT -i $EXT_DEV -p tcp -d $EXT_DEV --dport 135 -j DROP
> iptables -A INPUT -i $EXT_DEV -p udp -d $EXT_DEV --dport 135 -j DROP
                                       ^^^^^^^^^^^
I guess the above and below are typos? It should be -d $EXT_IP.

> iptables -A OUTPUT -o $EXT_DEV -p tcp -d $EXT_DEV --dport 135 -j DROP
> iptables -A OUTPUT -o $EXT_DEV -p udp -d $EXT_DEV --dport 135 -j DROP

-d $EXT_IP --dport 135 should be -s $EXT_IP --sport 135.

> But with:
>
> nmap -sU -P0 -p 135 <ext ip>,
>
> I get a (135/udp open).

I have the same results.

> Can someone explain to me what I'm doing wrong or what
> information I have forgotten? Does it even matter
> if the udp 135 port is open? I'm currently in
> the process of closing all unnecessary ports
> (be it tcp or udp).

No. I am interested too in why udp shows "open" from a foreign host,
while tcp shows filtered. How can I check if a udp port is really
closed/filtered or opened?

Gr,
Rob