From owner-freebsd-questions  Sat Mar 24 16:21:59 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from clmboh1-smtp3.columbus.rr.com (clmboh1-smtp3.columbus.rr.com [65.24.0.112])
	by hub.freebsd.org (Postfix) with ESMTP id 8D6E037B718
	for <freebsd-questions@FreeBSD.ORG>; Sat, 24 Mar 2001 16:21:56 -0800 (PST)
	(envelope-from wmoran@iowna.com)
Received: from iowna.com (dhcp065-024-023-038.columbus.rr.com [65.24.23.38])
	by clmboh1-smtp3.columbus.rr.com (8.11.2/8.11.2) with ESMTP id f2P0JBH03629;
	Sat, 24 Mar 2001 19:19:12 -0500 (EST)
Message-ID: <3ABD3A4F.86D45ABC@iowna.com>
Date: Sat, 24 Mar 2001 19:22:39 -0500
From: Bill Moran <wmoran@iowna.com>
X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.2-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Robin Lo <asailkat@hotmail.com>
Cc: freebsd-questions@FreeBSD.ORG, adamlau@yahoo.com
Subject: Re: NAT questions
References: <F2343VsX7PVTdAMDmZ50000ad2e@hotmail.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Port 138 is netbios stuff. Typical Micros~1 broadcast traffic. The
solution is to remove all the Windows-based machines from you network.
Barring that, I'd program your NAT box with a firewall that rejects or
drops those packets. Or you could just ignore it or program ipnat not to
complain about it. It's probably just the Micros~1 machines making sure
everyone else on the network knows they're there every 15 seconds or
whatever the default interval is. I believe on some of the Micros~1
boxes you can turn of "lanmanager annoucements" or other such broadcast
options to reduce this traffic.

-Bill

Robin Lo wrote:
> 
> Hello,
> 
> I have set up FreeBSD 4.2 to be used for NAT.  I have 2 NIC cards
> configured for the network.  The internal network is configured
> with--10.0.0.0/8, and the second NIC with it's ISP default settings.
> The external NIC has been tested.  I am able to ping to the outside
> world.  I support an internal network with an NT2000 Server used for
> DNS, DHCP, and Active Directory services supporting serveral Windows
> /Pro/NT40/ and 98 clients.  When running the NAT box i get
> these messages that appear accross the screen.  It occurs while
> working in vi or any other programs.
> 
> March 24  03:36:39 firewall /kernel:  Connection attempt to UDP
> 64.160.131.xx9:138 from 64.160.131.xx8:138
> 
> March 24  03:36:39 firewall /kernel:  Connection attempt to UDP
> 10.255.255.255:138 from 10.10.1.1:138
> 
> March 24  03:36:39 firewall /kernel:  Connection attempt to UDP
> 10.255.255.255:138 from 10.10.1.3:138
> 
> March 24  03:58:38 firewall last message repeated 2 times

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message