[ previous ] [ next ] [ threads ]
 
 From:  "Aaron Cherman" <aaronc at morad dot ab dot ca>
 To:  "Monowall Support List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Bloking NetBios
 Date:  Sun, 16 Apr 2006 14:59:47 -0600 
----- Original Message ----- 
From: "Alex M" <radiussupport at lrcommunications dot net>
To: "Monowall Support List" <m0n0wall at lists dot m0n0 dot ch>
Sent: Sunday, April 16, 2006 2:00 PM
Subject: [m0n0wall] Bloking NetBios


>I was trying to hide every computer on the network so I set rule for LAN to
> LAN block ports UDP 137, 138   TCP 139, 445.  I moved thise tules to the
> higher priority then allow any to any, but all comps still can see each
> other, why? What should I do?
>

The rules only work on traffic that is passing through m0n0wall.  If you 
have your PCs connected to a switch before the m0n0wall then of course they 
will see each other - the traffic never reaches or goes through m0n0wall. 
LAN to LAN will not work because this local traffic does not pass through 
the m0n0wall.  if you want to do this you need to use VLANs or separate 
physical interfaces for each PC.  Another option is to use a managed switch 
on which you can set up port segregation or port based VLANs.


Aaron