 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Port Blocking?
 Date:  Thu, 2 Feb 2006 21:09:34 -0500
On 2/2/06, Memli Robaj <memlir at gmail dot com> wrote:
> Hi, I just wanted to ask how to use the Filter page, I really don't
> understand the M0n0wall method for blocking ports
>

It's basically exactly like most other firewalls.  Traffic is filtered
upon entering an interface, and you put the rules on the appropriate
interface.


> if you could please help me block ports 135-139 & 445,

From/to where?  Inbound from the Internet is blocked by default.
Broadcasts aren't passed outside of the LAN.  If you're concerned
about somebody on your LAN getting out to SMB hosts, then put in a
rule to block TCP/UDP source port any, dest port 135-139 and another
rule for TCP/UDP source port any destination port 445.  It'd be better
to make them reject rules so any attempted outbound connections are
immediately rejected rather than waiting for time out, but then you'd
need twice as many rules (have to separate TCP and UDP for reject, not
for block).

-Chris
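The rule set Chris describes, worked through as an added example (this is not m0n0wall's code and not part of the original thread). It expands the "block SMB egress from the LAN" policy into explicit rules, showing why the block variant needs two rules and the reject variant four, and then evaluates a few constructed outbound connection attempts against them. The rule model (interface, action, protocol, destination port range), first-match evaluation, and the per-interface defaults (LAN passes by default, WAN inbound is blocked by default as the mail states) are assumptions made for the illustration; the protocol names `tcp`, `udp` and `tcp/udp` mirror the mail's wording.

```python
"""Expand the SMB egress filter from the mail into explicit rules and
evaluate sample LAN-originated connections against them.

Added illustration, not m0n0wall's own code. The Rule model, the
first-match evaluation and the per-interface default policy are
assumptions; the property that 'reject' needs separate TCP and UDP
rules while 'block' accepts a combined 'tcp/udp' rule is from the post.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Destination port ranges named in the mail: NetBIOS 135-139 and SMB 445.
SMB_PORT_RANGES: List[Tuple[int, int]] = [(135, 139), (445, 445)]

# Assumed defaults: LAN traffic is allowed out unless a rule says otherwise,
# inbound from the Internet (WAN) is blocked unless a rule passes it.
DEFAULT_POLICY: Dict[str, str] = {"lan": "pass", "wan": "block"}


@dataclass(frozen=True)
class Rule:
    interface: str                      # interface the traffic *enters* on
    action: str                         # "pass", "block" or "reject"
    protocol: str                       # "tcp", "udp" or "tcp/udp"
    src_port: Optional[Tuple[int, int]] # None means "any"
    dst_port: Tuple[int, int]           # inclusive range


def smb_egress_rules(action: str, interface: str = "lan") -> List[Rule]:
    """Build the rules the mail recommends, placed on the LAN interface.

    'block' can use one combined tcp/udp rule per port range (2 rules total);
    'reject' must separate TCP and UDP, doubling the count (4 rules total).
    """
    if action not in ("block", "reject"):
        raise ValueError("action must be 'block' or 'reject'")
    protocols = ["tcp/udp"] if action == "block" else ["tcp", "udp"]
    return [
        Rule(interface, action, proto, None, port_range)
        for port_range in SMB_PORT_RANGES
        for proto in protocols
    ]


def rule_matches(rule: Rule, interface: str, proto: str, dst_port: int) -> bool:
    """True if a connection entering `interface` with `proto`/`dst_port`
    falls under `rule`. Source port is 'any' in every rule here."""
    if rule.interface != interface:
        return False
    if rule.protocol != "tcp/udp" and rule.protocol != proto:
        return False
    lo, hi = rule.dst_port
    return lo <= dst_port <= hi


def evaluate(rules: List[Rule], interface: str, proto: str, dst_port: int) -> str:
    """First matching rule wins (assumed ordering); otherwise the interface
    default applies."""
    for rule in rules:
        if rule_matches(rule, interface, proto, dst_port):
            return rule.action
    return DEFAULT_POLICY[interface]


# Constructed sample connection attempts: (interface, protocol, dst port).
SAMPLE_CONNECTIONS = [
    ("lan", "tcp", 445),   # SMB to an Internet host
    ("lan", "udp", 137),   # NetBIOS name service
    ("lan", "tcp", 443),   # ordinary HTTPS, should still pass
    ("wan", "tcp", 445),   # inbound SMB from the Internet, blocked by default
]

if __name__ == "__main__":
    for action in ("block", "reject"):
        rules = smb_egress_rules(action)
        print(f"{action}: {len(rules)} rules")
        for iface, proto, port in SAMPLE_CONNECTIONS:
            print(f"  {iface} {proto}/{port} -> {evaluate(rules, iface, proto, port)}")
```

Whichever variant is chosen, the rules have to sit on the LAN interface (where the outbound traffic enters the firewall) and above the default allow rule, since the first match decides; the only difference between the two variants is the rule count and whether a blocked client fails immediately (reject) or after its connection times out (block).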