On 2/2/06, Memli Robaj <memlir at gmail dot com> wrote:
> Hi, I just wanted to ask how to use the Filter page, I really don't
> understand the M0n0wall method for blocking ports

It's basically exactly like most other firewalls. Traffic is filtered upon entering an interface, and you put the rules on the appropriate interface.

> If you could please help me block ports 135-139 & 445, from/to where?

Inbound from the Internet is blocked by default. Broadcasts aren't passed outside of the LAN. If you're concerned about somebody on your LAN getting out to SMB hosts, then put in a rule to block TCP/UDP source port any, dest port 135-139 and another rule for TCP/UDP source port any, destination port 445. It'd be better to make them reject rules so any attempted outbound connections are immediately rejected rather than waiting for a timeout, but then you'd need twice as many rules (have to separate TCP and UDP for reject, not for block).

-Chris
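
The LAN rules described in the reply above, modelled as an added sketch (not part of the original message and not m0n0wall code). It assumes first-match evaluation and a pass-everything rule below the SMB rules on the LAN interface; `Rule`, `smb_rules`, `lan_ruleset` and `evaluate` are hypothetical names and the sample packets are constructed.

```python
from dataclasses import dataclass

ALL_PORTS = range(1, 65536)
SMB_PORTS = [range(135, 140), range(445, 446)]  # 135-139 and 445

@dataclass(frozen=True)
class Rule:
    action: str        # "block", "reject" or "pass"
    proto: str         # "tcp", "udp" or "tcp/udp"
    dst_ports: range   # destination ports; source port is always "any"

def smb_rules(action):
    """Rules for the SMB ports, as described in the message."""
    if action == "block":
        protos = ["tcp/udp"]      # one rule covers both protocols
    elif action == "reject":
        protos = ["tcp", "udp"]   # reject must be split per protocol
    else:
        raise ValueError(f"unsupported action: {action}")
    return [Rule(action, p, ports) for ports in SMB_PORTS for p in protos]

def lan_ruleset(action):
    """SMB rules placed above an assumed pass-everything LAN rule."""
    return smb_rules(action) + [Rule("pass", "tcp/udp", ALL_PORTS)]

def evaluate(rules, proto, dst_port, default="block"):
    """Return the action of the first rule matching the packet."""
    for rule in rules:
        if proto in rule.proto.split("/") and dst_port in rule.dst_ports:
            return rule.action
    return default

if __name__ == "__main__":
    # Constructed sample traffic leaving the LAN: (protocol, destination port)
    samples = [("tcp", 445), ("udp", 137), ("tcp", 139), ("tcp", 443)]
    for action in ("block", "reject"):
        rules = lan_ruleset(action)
        print(f"{action}: {len(rules) - 1} SMB rules")
        for proto, port in samples:
            print(f"  {proto}/{port} -> {evaluate(rules, proto, port)}")
```

Under the first-match assumption, placing the pass rule above the SMB rules lets port 445 through in this model, so the SMB rules belong at the top of the LAN list.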