On Tuesday 03 August 2004 6:07 am, david wrote:

> Dear all,
> How to block outgoing traffic over network that using port 137 udp

iptables -I FORWARD -p udp --dport 137 -j DROP

>, because my isp tell me that my network broadcast virus using port 137 udp,
> i want to make all traffic (port 137) do go outside my network, so i plan to
> blocking that traffic from my gateway.
>
> I already try to do this rules, but not working :
> #iptables -A FORWARD -p udp -s 0/0 --dport 137 -j DROP

1. Why are you allowing UDP 137 packets through your firewall anyway? They must be matching *some* rule on your machine in order to get through at all - of course it could be a default ACCEPT policy rule (if it is then you should certainly change that).

2. The rule you have suggested uses "-A" to append to the end of the ruleset - what are the other rules which come before it? Presumably one of those must be allowing the packets through...

Show us your ruleset, tell us how you're testing.

Regards,

Antony.

--
"I estimate there's a world market for about five computers."

 - Thomas J Watson, Chairman of IBM

Please reply to the list; please don't CC me.
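
The ordering point raised in the reply above, as an added example that is not part of the original message: a small Python model of first-match rule evaluation over `iptables -S FORWARD` style output. Both rulesets, the `192.168.1.0/24` ACCEPT rule and the test packet are constructed assumptions, since the thread never shows the poster's actual ruleset.

```python
import ipaddress
import shlex

TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def parse(listing):
    """Parse `iptables -S FORWARD` style lines into (policy, rules)."""
    policy, rules = "ACCEPT", []
    for line in listing.strip().splitlines():
        tok = shlex.split(line)
        if tok[0] == "-P":                  # -P FORWARD <policy>
            policy = tok[2]
            continue
        opts = tok[2:]                      # skip "-A FORWARD"
        rule = dict(zip(opts[::2], opts[1::2]))  # assumes flag/value pairs
        rule["text"] = line.strip()
        rules.append(rule)
    return policy, rules

def matches(rule, pkt):
    if "-p" in rule and rule["-p"] != pkt["proto"]:
        return False
    if "--dport" in rule and int(rule["--dport"]) != pkt["dport"]:
        return False
    if "-s" in rule:
        net = ipaddress.ip_network(rule["-s"], strict=False)
        if ipaddress.ip_address(pkt["src"]) not in net:
            return False
    return True

def verdict(listing, pkt):
    """First matching rule with a terminal target decides; else the policy."""
    policy, rules = parse(listing)
    for rule in rules:
        if rule.get("-j") in TERMINAL and matches(rule, pkt):
            return rule["-j"], rule["text"]
    return policy, "chain policy"

# Constructed rulesets: the ACCEPT rule is an assumed stand-in for "the other rules".
APPENDED = """-P FORWARD ACCEPT
-A FORWARD -s 192.168.1.0/24 -j ACCEPT
-A FORWARD -p udp -m udp --dport 137 -j DROP"""
INSERTED = """-P FORWARD ACCEPT
-A FORWARD -p udp -m udp --dport 137 -j DROP
-A FORWARD -s 192.168.1.0/24 -j ACCEPT"""
PKT = {"proto": "udp", "src": "192.168.1.50", "dport": 137}  # constructed packet

if __name__ == "__main__":
    for name, ruleset in (("-A", APPENDED), ("-I", INSERTED)):
        print(name, verdict(ruleset, PKT))
```

On a live gateway the same question is answered by the per-rule packet counters in `iptables -L FORWARD -n -v --line-numbers`: the rule whose counter increments during the test is the one deciding the packet.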