RE: Wol Magic Packets

>> If WOL packets really *do* enter your network then I don't know how
>> to block them. 
>> 
>> According to the AMD whitepaper a WOL packet is sent using a subnet
>> directed broadcast to pass through routers. If you search around the
>> internet, you find that directed broadcasts can be blocked by using:
>> "echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts".
>> But, that's ICMP and UDP seems (commonly) to be used for WOL packets
>> so this would not help you. 
>> 
> packet enters only if I send it to a port opened into the
> router...: for example: if I forward port 30 tcp\udp to
> 192.168.0.2 (pc of my lan) and I send a wol packet for
> another internet address out of my lan to port 30 of external
> ppp0 interface of my router, pc 192.168.0.2 turns on
> 

Yes, well, you've said that before and as I said: if these *do* enter
your network then I don't know how to block them.
Perhaps you can search for the String match (it's in an older POM-ng and
which I never used) and try to catch those WOL packets by matching its
contents. Since each WOL packet looks the same (6 bytes FF followed by
16 bytes containing the MAC address of the PC to wake up), you should be
able to do it.


Gr,
Rob
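
The content match suggested above, as an added example that is not part of the original message: a Python check that recognises a WOL magic packet at any offset in a payload and extracts the target MAC. It assumes the Magic Packet layout from the AMD whitepaper (six 0xFF bytes followed by the target MAC repeated 16 times); the function names and the sample MAC are made up for illustration.

```python
"""Detect Wake-on-LAN magic packets inside a packet payload (added example)."""

SYNC = b"\xff" * 6   # synchronisation stream
REPEATS = 16         # target MAC is repeated 16 times after the sync stream
MAC_LEN = 6
MAGIC_LEN = len(SYNC) + REPEATS * MAC_LEN  # 102 bytes in total


def find_magic_packet(payload: bytes):
    """Return the target MAC as 'aa:bb:..' if payload holds a magic packet, else None.

    The pattern may sit at any offset in the payload, so every occurrence
    of the sync stream is tried, including overlapping ones.
    """
    start = payload.find(SYNC)
    while start != -1:
        body = payload[start + len(SYNC): start + MAGIC_LEN]
        if len(body) < REPEATS * MAC_LEN:
            return None  # too few bytes left; later offsets have even fewer
        mac = body[:MAC_LEN]
        if body == mac * REPEATS:
            return ":".join(f"{b:02x}" for b in mac)
        start = payload.find(SYNC, start + 1)
    return None


def build_magic_packet(mac: str) -> bytes:
    """Build a magic packet, used here only to construct sample input."""
    raw = bytes.fromhex(mac.replace(":", ""))
    if len(raw) != MAC_LEN:
        raise ValueError("MAC must be 6 bytes")
    return SYNC + raw * REPEATS


if __name__ == "__main__":
    # Constructed samples; 00:11:22:33:44:55 is a made-up MAC address.
    good = build_magic_packet("00:11:22:33:44:55")
    samples = {
        "plain": good,
        "leading 0xff padding": b"\xff\xff" + good,
        "truncated": good[:-1],
        "MAC copies differ": good[:-1] + b"\x00",
        "unrelated": b"GET / HTTP/1.0\r\n\r\n",
    }
    for name, data in samples.items():
        print(f"{name:22s} -> {find_magic_packet(data)}")
```
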


