This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to filter port 137 without log

Hi, i have these rules:
1  Any Any { all_broadcast } Drop
2  Any { netbios } Any Drop
3 Internal_network  Any Any Allow
4 Any Any Any Drop

but in the packet filter log still have this:
Aug  5 16:31:28 (none) kernel: UDP Drop: IN=eth0 OUT= MAC=00:01:03:ea:40:b1:00:06:29:38:b4:40:08:00 SRC=172.16.0.8 DST=172.16.0.30 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=29482 PROTO=UDP SPT=137 DPT=137 LEN=58

Why the second rule doesn't filter this kind of log?

Rick.

This thread was automatically locked due to age.

0 orhan over 22 years ago

move second rule to top.
Cancel
Vote Up 0 Vote Down

Cancel
0 Xeno over 22 years ago

Hi Riccardo

Any Any drops only forwarded traffic. This rule will be written in a FORWARD-Chain of iptables.
What you need is a rule with destination "Internal_Broadcast__". This rule will be written into a INPUT-Chain of iptables.

Cheers
Xeno
Cancel
Vote Up 0 Vote Down

Cancel