From owner-freebsd-questions@FreeBSD.ORG Tue Nov 11 08:26:11 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 94C9F16A4CE for ; Tue, 11 Nov 2003 08:26:11 -0800 (PST) Received: from mx.tele-kom.ru (mx.tele-kom.ru [213.80.148.6]) by mx1.FreeBSD.org (Postfix) with SMTP id 64C0943FD7 for ; Tue, 11 Nov 2003 08:26:09 -0800 (PST) (envelope-from doublef@tele-kom.ru) Received: (qmail 29635 invoked by uid 555); 11 Nov 2003 19:26:06 +0300 Received: from hal.localdomain (213.80.149.182) by t-k.ru with TeleMail/2 id 1068567965-29625 for simong@desktop-guardian.com; Tue, 11 Nov 19:26:05 2003 +0300 (MSK) Date: Tue, 11 Nov 2003 18:49:17 +0300 From: Sergey 'DoubleF' Zaharchenko To: "Simon Gray" Message-Id: <20031111184917.5a2b61f0.doublef@tele-kom.ru> In-Reply-To: <01ae01c3a84b$5bb0c1b0$1100a8c0@dtg17> References: <006201c3a7ff$a9b227b0$6701a8c0@tacstation> <01ae01c3a84b$5bb0c1b0$1100a8c0@dtg17> X-Mailer: Sylpheed version 0.9.6claws (GTK+ 1.2.10; i386-portbld-freebsd4.8) Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha1"; boundary="Signature=_Tue__11_Nov_2003_18_49_17_+0300_4/c6Af8qCwtlsue2" cc: Shawn Guillemette cc: freebsd-questions@freebsd.org Subject: Re: ipfw question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2003 16:26:11 -0000 --Signature=_Tue__11_Nov_2003_18_49_17_+0300_4/c6Af8qCwtlsue2 Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: 7bit On Tue, 11 Nov 2003 12:00:10 -0000 "Simon Gray" probably wrote: > >63000 0 0 deny log logamount 100 udp from any to any 119 via > sis0 > >63000 24 1152 deny log logamount 100 tcp from any to any 135 via sis0 > >63000 0 0 deny log logamount 100 udp from any to any 135 via > sis0 > > >63000 is the rule number correct? > >IM wondering what the other 2 places are.. > >24 and 1152 > if you're getting 0 on the other rules, it probably means its not running > those rules. > So therefore it won't actually log if it isn't get to that rule. > > also from the looks of things, if you're trying to block windows > filesharing/smb you > might want to block 135 - 139 both tcp/udp (instead of specifiying 135 in > the rule add '135-139') > rather than just 135 tcp/udp > > >Are they inbound and outbound? > well depends (could be both yes), anything thats aimed at tcp 135 will be > denied and > logged These are counts in packets and bytes. > > >Do I make any sence? > > Not really :/ whats the question? > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- DoubleF BLISS is ignorance --Signature=_Tue__11_Nov_2003_18_49_17_+0300_4/c6Af8qCwtlsue2 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/sQUKwo7hT/9lVdwRAiNKAJ9bUUyB70aQ04fWs6UF6UvX4SqX1ACdHo16 SfLooxo4snASAr+S0rD51cc= =vs57 -----END PGP SIGNATURE----- --Signature=_Tue__11_Nov_2003_18_49_17_+0300_4/c6Af8qCwtlsue2--