I've had to close some udp ports on my firewall box that were being wrongly exported. I did it with the following rules:

Chain input (policy ACCEPT):
target     prot opt     source         destination    ports
ACCEPT     udp  ------  localnet/24    anywhere       any -> any
ACCEPT     udp  ------  localhost      anywhere       any -> any
REJECT     udp  ------  anywhere       anywhere       any -> 1:1024
REJECT     udp  ------  anywhere       anywhere       any -> icpv2

This blocks ports 1 - 1024 and 3130 except for the localnet. Is this the right way to do it?

The services are the udp portions of samba, dhcp and squid (icpv2). I thought they were binding only to the internal interface but they weren't. How can I stop this? Samba is running from rlinetd and both dhcp and squid are standalone servers.

Greetings,
Pedro.
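Added example, not part of the original post: a first-match model of the input chain listed above, used to check which UDP ports each kind of source can still reach. It assumes localnet is 192.168.1.0/24 and localhost is 127.0.0.1, and the sample addresses and ports are constructed; the rule order, the ACCEPT policy and icpv2 = 3130 come from the post.

```python
import ipaddress

# Assumptions (not from the post): "localnet" resolves to 192.168.1.0/24 and
# "localhost" to 127.0.0.1. icpv2 is UDP port 3130, as the post states.
ANY = ipaddress.ip_network("0.0.0.0/0")
RULES = [
    # (target, source network, (low dest port, high dest port)), in chain order
    ("ACCEPT", ipaddress.ip_network("192.168.1.0/24"), (0, 65535)),
    ("ACCEPT", ipaddress.ip_network("127.0.0.1/32"), (0, 65535)),
    ("REJECT", ANY, (1, 1024)),
    ("REJECT", ANY, (3130, 3130)),
]
POLICY = "ACCEPT"  # chain policy shown in the listing header


def verdict(src, dport):
    """Return (target, rule_index) for a UDP packet; index None means policy."""
    addr = ipaddress.ip_address(src)
    for i, (target, net, (lo, hi)) in enumerate(RULES):
        if addr in net and lo <= dport <= hi:
            return target, i  # the first matching rule decides
    return POLICY, None  # nothing matched: the chain policy applies


def exposed_ports(src, ports):
    """Subset of `ports` that the given source address can still reach."""
    return [p for p in ports if verdict(src, p)[0] == "ACCEPT"]


if __name__ == "__main__":
    # Constructed sample: bootps 67, netbios-ns 137, netbios-dgm 138,
    # ICP 3130, and one port above 1024 that no rule covers (2049).
    sample = [67, 137, 138, 3130, 2049]
    for src in ("192.168.1.20", "127.0.0.1", "203.0.113.7"):
        print(src, exposed_ports(src, sample))
```

With policy ACCEPT, any UDP port above 1024 other than 3130 falls through to the policy and stays reachable from outside addresses.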

