From: mike@sentex.net (Mike Tancsa)
To: capriotti@geocities.com (Capriotti)
Cc: questions@FreeBSD.ORG
Subject: Re: IPFW Rules
Date: Mon, 11 May 1998 03:25:45 GMT
Message-ID: <35566df4.359685049@mail.sentex.net>
References: <3.0.32.19980510184700.0092bd40@pop.mpc.com.br>
In-Reply-To: <3.0.32.19980510184700.0092bd40@pop.mpc.com.br>

On Sun, 10 May 1998 18:49:40 -0300, in sentex.lists.freebsd.questions you wrote:

>I am actually trying to understand the filtering mechanism to, next apply
>it to:
>
>filter netbios (I don't want it to cause ppp to dial, and I don't want
>strangers to access it; Actually there's something about it in the archives)

marble# grep -i netbio /etc/services
netbios-ns      137/tcp    #NETBIOS Name Service
netbios-ns      137/udp    #NETBIOS Name Service
netbios-dgm     138/tcp    #NETBIOS Datagram Service
netbios-dgm     138/udp    #NETBIOS Datagram Service
netbios-ssn     139/tcp    #NETBIOS Session Service
netbios-ssn     139/udp    #NETBIOS Session Service

ipfw add 3000 deny tcp from any to any 139 via ed2
ipfw add 3000 deny udp from any to any 139 via ed2

would block netbios Session services on the ed2 interface...

>filter what will in or out via ppp (do I have to make this kind of rule
>refer to tun0 or sio0 ?)

Yes

>allow access to secure shell and not telnet

ipfw add 4000 deny log tcp from any to any 23 in recv fxp0

would deny inbound telnet sessions on port 23... Or simply just take it out
of inetd.

        ---Mike
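
The two rules in the message above cover only port 139, while the grep output also lists 137 and 138. The following is an added example, not part of the original message: it generates the same form of deny rule for every NetBIOS entry in services-format input. The function name netbios_rules and the embedded sample are assumptions; the rules are printed for review, not applied.

```shell
#!/bin/sh
# Added example: derive ipfw deny rules from /etc/services-style lines.
# Nothing is applied to the firewall; the rules are only printed.

# Constructed sample: the NetBIOS entries from the grep output in the message.
SAMPLE_SERVICES='netbios-ns      137/tcp    #NETBIOS Name Service
netbios-ns      137/udp    #NETBIOS Name Service
netbios-dgm     138/tcp    #NETBIOS Datagram Service
netbios-dgm     138/udp    #NETBIOS Datagram Service
netbios-ssn     139/tcp    #NETBIOS Session Service
netbios-ssn     139/udp    #NETBIOS Session Service'

# netbios_rules IFACE RULENUM   (hypothetical helper name)
# Reads services-format lines on stdin and prints one rule per port/protocol,
# in the same form as the rules in the message.
netbios_rules() {
    iface=$1
    rulenum=$2
    awk -v iface="$iface" -v num="$rulenum" '
        /^#/ || NF < 2 { next }              # skip comments and blank lines
        tolower($1) ~ /^netbios/ {
            split($2, pp, "/")               # "139/tcp" -> pp[1]=139, pp[2]=tcp
            if (pp[1] !~ /^[0-9]+$/) next    # ignore malformed port fields
            if (pp[2] != "tcp" && pp[2] != "udp") next
            key = pp[1] "/" pp[2]
            if (seen[key]++) next            # drop duplicate entries
            printf "ipfw add %s deny %s from any to any %s via %s\n",
                   num, pp[2], pp[1], iface
        }'
}

# Print the rule set for the ed2 interface, using rule number 3000 as above.
printf '%s\n' "$SAMPLE_SERVICES" | netbios_rules ed2 3000
```

On a live system the input can come from `grep -i netbio /etc/services` instead of the embedded sample.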