[COLUG] Re: nmblookup and iptables
Brian Miller
bnmille at myrealbox.com
Thu Dec 4 18:54:39 EST 2003
Jim,
You need to allow packets FROM ports 135 and 137. Your firewall configuration allows packets TO those ports. If you could limit the IP range from which you receive the packets, that would help protect you somewhat from malicious activities:
iptables -A INPUT -s Class_C_network/24 -p udp -m udp --sport 135-137 -j ACCEPT
Those return packets from nmblookup come from the MS ports, not to them.
Hope this helps.
Brian
More information about the colug
mailing list