* david <david@xxxxxxxxxxxxxxxxxxxx> 16. Jun 04: > Dear all, Hi, > When i look at "IPTRAF", i see lot of broadcast traffic that using port 137 > and 138, how to make rules that can block all traffic in port 137 and 138, i > already try to use this rules but its no works... Additional to Antonys statement the OUTPUT-rules should be even more useless. Are you runnig netbios at a linux-box? > iptables -A INPUT -p tcp --dport 137 DROP > iptables -A INPUT -p udp --dport 137 DROP > iptables -A INPUT -p tcp --dport 138 DROP > iptables -A INPUT -p udp --dport 138 DROP > iptables -A INPUT -p icmp DROP And ICMP is _not_ bad. Don't DROP it. HTH, regards, Frank. -- Sigmentation fault
