Jaymes,
Wow, something else for me to learn how to do when I get done buying my
house and moving in ;-). I'll put that on my list of things to do!
VR,
Ben
On Wednesday 20 August 2003 06:45 am, you wrote:
> Your Welcome.
>
> If you want to monitor real time, either use ethereal t
Ben Beeson
Sent: Tuesday, August 19, 2003 7:00 PM
To: [EMAIL PROTECTED]
Subject: Re: [luau] MonMotha Firewall question
Jaymes,
So far so good. I'll watch my logs specifically for this for a few days
and
see what I can see. So far nothing is there today. I don't know if that
Jaymes,
So far so good. I'll watch my logs specifically for this for a few
days and
see what I can see. So far nothing is there today. I don't know if that
means the packets were dropped or if none showed up today...
Cheers, and thanks for the hint!
Ben
Don't knowthis is the only way I know how to do it
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ben Beeson
Sent: Monday, August 18, 2003 7:45 PM
To: LUAU mailing list
Subject: RE: [luau] MonMotha Firewall question
>port 135 is rpc
>port 135 is rpc (remote procedure call) related. used extensively with
>active directory and other useless parts of windows
>
>Try this in IP Chains
>-A input -s 0/0 -d 0/0 135 -p tcp -j -y DENY
>
>this will drop all packets destined to or from a source port 135
>
Jaymes,
H-m-m-m. Tha
Thanks for that. Would something like 1.2.3.4/32:135 work for the
universe???
Respectfully,
Ben
Actually, I don't know that you can block a specific TCP port. However, if you
have LDROP or LREJECT or LTREJECT as your DROP= policy, just change that. The
logging policies are really only
ipchains and your off and running
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of MonMotha
Sent: Sunday, August 17, 2003 10:18 AM
To: [EMAIL PROTECTED]
Subject: Re: [luau] MonMotha Firewall question
Ben Beeson wrote:
> Aloha,
>
> I am currentl
Ben Beeson wrote:
>> snip ...
>>
>> Is there an easy way to just drop those port 135 packets dead on the
>> floor and forget about them?
>>
>See the BLACKHOLE option, then set the policy on it to "DROP".
>
>--MonMotha
Thanks for that. Would something like 1.2.3.4/32:135 work for the
univers
Ben Beeson wrote:
Aloha,
I am currently running -pre9 on a single machine that I am using as my sole
connection to the internet. (I used to run behind a router + firewall, but
that got packed up and moved to California recently.) Anyway, I am now
seeing a bunch of entries in my console logs