From owner-freebsd-isp@FreeBSD.ORG Fri Nov 5 19:22:04 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C886C16A4DB for ; Fri, 5 Nov 2004 19:22:04 +0000 (GMT) Received: from mail.webhosting.cx (mail.webhosting.cx [64.246.44.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3FC8C43D3F for ; Fri, 5 Nov 2004 19:22:04 +0000 (GMT) (envelope-from calarcon@iracsa.com.mx) X-ClientAddr: 201.129.143.214 Received: from soporte (dsl-201-129-143-214.prod-infinitum.com.mx [201.129.143.214] (may be forged)) (authenticated (0 bits)) by mail.webhosting.cx (8.11.6/8.11.6) with ESMTP id iA5JLY031491 for ; Fri, 5 Nov 2004 20:21:35 +0100 Message-ID: <000a01c4c3d1$1522cd40$2b0110ac@gateway.2wire.net> From: =?iso-8859-1?Q?Carlos_Alarc=F3n?= To: References: Date: Sat, 6 Nov 2004 00:20:18 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1409 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Subject: problems blocking netbios X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Nov 2004 19:22:05 -0000 hi, i have problemas blocking netbios.. i have a freebsd bridge and use ipfw as firewall, i have this line on my firewall 00002 3740 391236 deny udp from any to any dst-port 137,138,139,81,520 in recv xl1 this rule is matched but i still see netbios networks and shared computers on my net i still having traffic in these ports just like in this log of a tcpdump -i xl1 |grep netbios ----> i'd tried some configurations found in the net but i cant block definitive netbios.. what i could do????? 12:06:32.498591 Ivan.netbios-dgm > 172.16.255.255.netbios-dgm: NBT UDP PACKET(138) 12:06:48.099193 2.52:54:05:f0:a1:e5.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 12:06:53.108442 acer.netbios-dgm > 172.16.255.255.netbios-dgm: NBT UDP PACKET(138) 12:07:11.626147 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:07:12.368783 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:07:13.124740 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:07:15.732109 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:07:16.496274 169.254.181.211.netbios-dgm > 169.254.255.255.netbios-dgm: NBT UDP PACKET(138) 12:07:16.500684 2.52:54:05:f0:a1:e5.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 12:07:16.502866 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:07:17.226395 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:07:31.704838 2.52:54:05:f0:a1:e5.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 12:07:49.238467 2.00:11:5b:0f:77:a6.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 12:07:59.237731 2.00:11:5b:0f:77:a6.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 12:07:59.987385 2.00:11:5b:0f:77:a6.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 BROADCAST 12:08:12.068832 2.52:54:05:f0:a1:e5.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 12:08:12.909901 2.52:54:05:f0:a1:e5.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 12:08:13.750936 2.52:54:05:f0:a1:e5.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 12:08:14.612185 169.254.181.211.netbios-ns > 169.254.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:08:15.363122 169.254.181.211.netbios-ns > 169.254.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:08:16.114109 169.254.181.211.netbios-ns > 169.254.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:08:25.992338 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:08:26.742957 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:08:27.507799 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST BROADCAST 12:08:30.529039 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:08:31.276556 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; BROADCAST 12:08:32.019021 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:08:34.360527 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:08:35.107730 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:08:35.845438 final-6kypl57re.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:09:01.950604 Laboratorio.netbios-dgm > 172.16.255.255.netbios-dgm: NBT UDP PACKET(138) 12:09:02.443748 Ivan.netbios-dgm > 172.16.255.255.netbios-dgm: NBT UDP PACKET(138) BROADCAST 12:09:15.362085 2.00:e0:4c:b1:21:16.455 > 0.ff:ff:ff:ff:ff:ff.455: ipx-netbios 50 BROADCAST 12:09:23.136462 acer.netbios-dgm > 172.16.255.255.netbios-dgm: NBT UDP PACKET(138) 12:09:23.138987 acer.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:09:23.871273 acer.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:09:24.662048 acer.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:10:07.390154 acer.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:10:08.133622 acer.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:10:08.892928 acer.netbios-ns > 172.16.255.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST;