On Thu, Feb 12, 2004 at 10:57:38AM -0600, Jason Bradley Nance wrote:
> > > and that if you want to block ports on the private interface,
> > > that you use the "BLOCKED_PORTS" variable.
> > 
> > The BLOCKED_PORTS variable doesn't affect any internal interfaces.  In
> > fact none of the BLOCKED variables affect the internal interface, they
> > all build rules for what is allowed in or out of the external
> > interface(s).
> 
> If everything is blocked on the public unless specified, what does
> blocked_ports actually do?  Just limit outgoing traffic?  Or does it
> suppress log messages (i.e. really blocked ports)?

Suppress the creation of log messages since they are explicitly blocked,
and thus never reach the logging directive at the end of each table.
Added it to get rid of the SMB noise I was getting on my external
interface from poorly configured Windows boxes.

-- 
Jamin W. Collins

Remember, root always has a loaded gun.  Don't run around with it unless
you absolutely need it. -- Vineet Kumar
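
Added example, not part of the original message and not code from the firewall script being discussed: a sketch of the rule ordering described above, where explicit DROP rules for BLOCKED_PORTS sit ahead of the final LOG rule, so matching packets are discarded without a log entry. Only the BLOCKED_PORTS name comes from the thread; the interface name, the port list, the log prefix and the helper functions are assumptions.

```shell
#!/bin/sh
# Constructed sample values (assumptions, not taken from the script in the thread).
EXT_IF="eth0"                      # hypothetical external interface
BLOCKED_PORTS="137 138 139 445"    # NetBIOS/SMB ports, the "noise" case

# Print the INPUT rules for the external interface in evaluation order.
# The commands are only printed, never executed, so no root is needed.
build_input_rules() {
    echo "iptables -P INPUT DROP"
    echo "iptables -A INPUT -i $EXT_IF -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Explicit blocks come first: a match ends traversal silently.
    for port in $BLOCKED_PORTS; do
        for proto in tcp udp; do
            echo "iptables -A INPUT -i $EXT_IF -p $proto --dport $port -j DROP"
        done
    done
    # Logging directive at the end of the table: only packets that
    # matched nothing above get this far, then fall to the DROP policy.
    echo "iptables -A INPUT -i $EXT_IF -j LOG --log-prefix 'INPUT drop: '"
}

# First-match walk for a new, unsolicited packet to PROTO/PORT.
# Prints "silent" if an explicit DROP is hit before the LOG rule,
# "logged" if the packet reaches the LOG rule.
would_log() {
    build_input_rules | awk -v p="$1" -v d="$2" '
        / -j LOG/ { print "logged"; exit }
        $0 ~ (" -p " p " --dport " d " -j DROP") { print "silent"; exit }'
}

build_input_rules
echo "tcp/139 -> $(would_log tcp 139)"
echo "tcp/23  -> $(would_log tcp 23)"
```

Both kinds of packet are dropped either way; the difference is only whether the drop is recorded, which is why a port belongs in such a list only when its log entries carry no value.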
