On Tue, August 29, 2006 13:38, claudio987\@libero\.it wrote: >>> packet enters only if I send it to a port opened into the router...: for >>> example: if I forward port 30 tcp\udp to >>> 192.168.0.2 (pc of my lan) and I send a wol packet for >>> another internet address out of my lan to poty 30 of external ppp0 >>> interface of my router, pc 192.168.0.2 turns on >>> >> >> Yes, well, you've said that before and as I said: if these *do* enter >> your network then I don't know how to block them. Perhaps you can search for >> the String match (it's in an older POM-ng and which I never used) and try to >> catch those WOL packets by matching it's contents. Since each WOL packet >> looks the same (6 bytes FF followed by 16 bytes containing the MAC address >> of the PC to wake up), you should be able to do it. >> >> Gr, >> Rob >> > how can I do it? By downloading a kernel, POM-ng (patch-o-matic-ng) and an older POM-ng that still has the string patchlet, and iptables. Patch the kernel using the older POM-ng for the string match and use the newer POM-ng for recent stuff. Install the new kernel and iptables and see if everything (still) works. If you've never done this I suggest you search the internet for howto's, read the README's and/or INSTALL files and try it with a test-PC first. Howto's on patching a kernel is not really the scope of this list.
