On Tuesday 03 August 2004 7:04 am, Dhananjoy Chowdhury wrote:

> try dropping packets both with dport 137 and also with sport 137.

I disagree.

Try ACCEPTing the packets you *want* to go through the firewall, and DROP everything else.

Don't create individual rules to DROP the traffic you think you don't want (you will always forget something, or there will be a new problem next week which requires a new rule, etc).

Instead create individual rules to ACCEPT the traffic you need, and DROP anything which doesn't fit that description.

Regards,

Antony.

> On Tue, 2004-08-03 at 10:37, david wrote:
> > Dear all,
> > How to block outgoing traffic over network that using port 137 udp,
> > because my isp tell me that my network broadcast virus using port 137
> > udp, i want to make all traffic (port 137) do go outside my network,
> > so i plan to blocking that traffic from my gateway.
> >
> > I already try to do this rules, but not working :
> > #iptables -A FORWARD -p udp -s 0/0 --dport 137 -j DROP
> >
> > Regards,
> > David Kandou

--
If builders made buildings the way programmers write programs, then the first woodpecker to come along would destroy civilisation.

Please reply to the list; please don't CC me.
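
The ACCEPT-what-you-need, DROP-the-rest approach described in the reply, as an added example that is not part of the original thread. The interface names, the LAN subnet and the list of allowed services are assumptions. Port 137 is never named, yet it is dropped as either source or destination port because no ACCEPT rule matches it.

```shell
#!/bin/sh
# Added example, not from the thread: default-deny FORWARD rules for a gateway.
# Assumed values: LAN 192.168.1.0/24 on eth1, uplink on eth0, and a LAN that
# only needs DNS, HTTP and HTTPS. Adjust the list to the traffic you need.
# Rules are printed only; run as root with IPT=iptables to apply them.

IPT="${IPT:-echo iptables}"
LAN_IF="${LAN_IF:-eth1}"
WAN_IF="${WAN_IF:-eth0}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"

forward_allowlist() {
    # Policy first: whatever no rule below accepts is dropped.
    $IPT -P FORWARD DROP
    $IPT -F FORWARD

    # Replies belonging to connections that were allowed out.
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # New connections the LAN may open: DNS over UDP and TCP, HTTP, HTTPS.
    $IPT -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" \
        -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
    for port in 53 80 443; do
        $IPT -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" \
            -p tcp --dport "$port" -m conntrack --ctstate NEW -j ACCEPT
    done

    # Rate-limited log of LAN traffic about to hit the DROP policy, so an
    # infected host (e.g. one sending UDP 137) shows up in the kernel log.
    $IPT -A FORWARD -i "$LAN_IF" -m limit --limit 5/min \
        -j LOG --log-prefix "FWD-DROP: "
}

forward_allowlist
```
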