I cannot block LAN NetBIOS broadcasts on a Fedora Core 2 iptables box being used as an IDS.
If your IDS is reading directly from the network interface (like network sniffers such as tcpdump or ethereal do), then it bypasses the firewall. You'd need to configure your IDS software to ignore whatever you consider "normal" traffic on your network. But be warned, the more you ignore, the less you see.
-- Aleksandar Milivojevic <amilivojevic@xxxxxx> Pollard Banknote Limited Systems Administrator 1499 Buffalo Place Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
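
An added example, not part of the original message: the "ignore" rule the reply describes, written out as a narrow capture-side check and run over constructed frames, to show what a tight exclusion drops and what the IDS still sees. The function names, sample frames, and addresses are hypothetical; the pcap filter quoted in the docstring is the equivalent expression for a sniffer that accepts one.

```python
import struct

NETBIOS_PORTS = {137, 138}        # NetBIOS name service and datagram service
BROADCAST_MAC = b"\xff" * 6

def is_netbios_broadcast(frame: bytes) -> bool:
    """True only for Ethernet-broadcast IPv4/UDP frames on port 137 or 138.

    Same logic as the pcap filter:
        ether broadcast and udp and (port 137 or port 138)
    """
    if len(frame) < 14 + 20 + 8:
        return False
    if frame[:6] != BROADCAST_MAC or frame[12:14] != b"\x08\x00":
        return False                              # not broadcast, or not IPv4
    ihl = (frame[14] & 0x0F) * 4                  # IP header length in bytes
    frag_offset = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
    if frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 17 or frag_offset:
        return False                              # not a first-fragment UDP packet
    udp = 14 + ihl
    if len(frame) < udp + 8:
        return False
    sport, dport = struct.unpack("!HH", frame[udp:udp + 4])
    return sport in NETBIOS_PORTS or dport in NETBIOS_PORTS

def build_frame(dst_mac: bytes, proto: int, sport: int, dport: int) -> bytes:
    """Build a constructed test frame (checksums left at zero)."""
    eth = dst_mac + b"\x00\x11\x22\x33\x44\x55" + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     bytes([192, 168, 1, 10]), bytes([192, 168, 1, 255]))
    return eth + ip + struct.pack("!HHHH", sport, dport, 8, 0)

UNICAST_MAC = b"\x00\xaa\xbb\xcc\xdd\xee"
SAMPLES = {                                       # constructed sample traffic
    "nbns_broadcast":  build_frame(BROADCAST_MAC, 17, 137, 137),
    "nbdgm_broadcast": build_frame(BROADCAST_MAC, 17, 138, 138),
    "nbns_unicast":    build_frame(UNICAST_MAC, 17, 40000, 137),
    "dhcp_broadcast":  build_frame(BROADCAST_MAC, 17, 68, 67),
    "tcp_port_137":    build_frame(BROADCAST_MAC, 6, 40000, 137),
}

def visible_to_ids(samples: dict) -> list:
    """Names of the frames that remain visible after the exclusion."""
    return [n for n, f in samples.items() if not is_netbios_broadcast(f)]

if __name__ == "__main__":
    print(visible_to_ids(SAMPLES))
```

Only the two broadcast NetBIOS frames are dropped; unicast queries to port 137 stay visible, whereas a broader rule such as excluding port 137 outright would hide them too.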