On Tue, 2004-08-03 at 11:47, Antony Stone wrote:
> On Tuesday 03 August 2004 7:04 am, Dhananjoy Chowdhury wrote:
>
> > try dropping packets both with dport 137 and also with sport 137.
>
> I disagree.
>
> Try ACCEPTing the packets you *want* to go through the firewall, and DROP
> everything else.
>
> Don't create individual rules to DROP the traffic you think you don't want
> (you will always forget something, or there will be a new problem next week
> which requires a new rule, etc).
>
> Instead create individual rules to ACCEPT the traffic you need, and DROP
> anything which doesn't fit that description.
>
> Regards,
>
> Antony.

Your terminology is very much true but David has already applied the rule

# iptables -A FORWARD -p udp -s 0/0 --dport 137 -j DROP

but then also he isn't able to stop output traffic through port 137.
So in this scenario he should apply the above rule for both --sport and
--dport.

# iptables -I FORWARD -p udp -s 0/0 --dport 137 -j DROP
# iptables -I FORWARD -p udp -s 0/0 --sport 137 -j DROP

Regards,
Dhananjoy

> > > On Tue, 2004-08-03 at 10:37, david wrote:
> > > Dear all,
> > > How to block outgoing traffic over network that using port 137 udp,
> > > because my isp tell me that my network broadcast virus using port 137
> > > udp, i want to make all traffic (port 137) do go outside my network,
> > > so i plan to blocking that traffic from my gateway.
> > >
> > > I already try to do this rules, but not working :
> > > # iptables -A FORWARD -p udp -s 0/0 --dport 137 -j DROP
> > >
> > > Regards,
> > > David Kandou
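
The allow-list approach Antony describes, sketched as an added example that is not part of the thread or written by any of its participants. The helper name `forward_allowlist`, the interface names `eth0`/`eth1` and the list of permitted services are assumptions for illustration; the function only prints the commands so they can be reviewed first.

```shell
#!/bin/sh
# Added example, not from the thread. Prints (does not run) iptables commands
# for a default-deny FORWARD chain. Interface names and the service list are
# assumptions for illustration.

# forward_allowlist LAN_IF WAN_IF "proto/port ..."   (hypothetical helper)
forward_allowlist() {
    lan_if=$1; wan_if=$2; allowed=$3

    # Validate the whole list first so a typo never yields a partial ruleset.
    for svc in $allowed; do
        proto=${svc%/*}; port=${svc#*/}
        case "$proto" in tcp|udp) ;; *) echo "bad protocol: $svc" >&2; return 1 ;; esac
        case "$port" in ''|*[!0-9]*) echo "bad port: $svc" >&2; return 1 ;; esac
    done

    # Policy first: whatever no rule below accepts is dropped, UDP 137 included.
    # The flush removes any rules already in FORWARD.
    echo "iptables -P FORWARD DROP"
    echo "iptables -F FORWARD"

    # Replies to connections that were allowed out.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"

    # One ACCEPT per service the LAN needs to reach through the gateway.
    for svc in $allowed; do
        proto=${svc%/*}; port=${svc#*/}
        echo "iptables -A FORWARD -i $lan_if -o $wan_if -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done

    # Rate-limited log of forwarded UDP 137 before the policy drops it; the
    # SRC= field in the kernel log shows which LAN hosts are sending it.
    echo "iptables -A FORWARD -p udp --dport 137 -m limit --limit 6/min -j LOG --log-prefix 'FWD-UDP137 '"
}

# Constructed sample: LAN on eth1, uplink on eth0, DNS + web + outbound mail.
forward_allowlist eth1 eth0 "udp/53 tcp/53 tcp/80 tcp/443 tcp/25"
```

Review the printed commands, then pipe them to `sh` as root on the gateway. With the policy set to DROP, no separate `--sport 137` or `--dport 137` rule is needed.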