 From:  David Rodgers <david dot rodgers at kdsi dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Cc:  august70 at thefourniers dot net
 Subject:  Re: [m0n0wall] Blocking OUT BOUND
 Date:  Tue, 18 May 2004 12:47:35 -0500
If you are trying to keep your hosts from accessing these services (or 
scanning for worms), you can create a new rule for each service that you are 
blocking, like this:

block any on LAN TCP from lannetwork to destination any port 445

Or better yet, block all outbound traffic on your LAN interface and 
just allow outbound traffic to the services you want the users to access.

Here is a screenshot of my home m0n0wall outgoing rules.

http://www.davidrodgers.com/rules.jpg

David


On Tuesday 18 May 2004 11:37, august70 wrote:
> I currently have
> 1 WAN   SDSL 1.1/1.1
> 1 LAN   Connected to Cisco 5k
> 2 WLAN  AllNet wireless Cards in APmode as 2 different networks
>
>
> I am wondering how to block all outbound traffic from originating ports of
> 135-139,445,5000,etc,etc.
>
> I am unsure where I would block this, on the WAN port or on each interface.
>
> Thanks.
>
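
The two approaches in the reply above (a block rule per service versus allowing only wanted services), compared in a small rule evaluator. This is an added example, not part of the original message and not m0n0wall code: it assumes first-match rule evaluation with an implicit block when nothing matches, and the allowed-service list and sample flows are constructed, since the screenshot's contents are not on this page.

```python
# Added illustration: first-match evaluation of LAN egress rules.
# Assumed model: first matching rule wins; no match means block.
ANY = (0, 65535)

def rule(action, proto, ports=ANY):
    """Build a rule tuple; ports is a single port or a (low, high) range."""
    lo, hi = (ports, ports) if isinstance(ports, int) else ports
    return (action, proto, lo, hi)

# Approach 1: block the listed destination ports, then pass everything else.
BLOCKLIST = [
    rule("block", "tcp", (135, 139)),
    rule("block", "tcp", 445),
    rule("block", "tcp", 5000),
    rule("pass", "any"),
]

# Approach 2: pass only wanted services (constructed list); the rest falls
# through to the implicit block.
ALLOWLIST = [
    rule("pass", "udp", 53),
    rule("pass", "tcp", 53),
    rule("pass", "tcp", 80),
    rule("pass", "tcp", 443),
]

def evaluate(rules, proto, dport, default="block"):
    """Return the action of the first matching rule, else the default."""
    for action, rproto, lo, hi in rules:
        if rproto in ("any", proto) and lo <= dport <= hi:
            return action
    return default

def compare(flows):
    """Map each (proto, dport) flow to its (blocklist, allowlist) verdicts."""
    return {f: (evaluate(BLOCKLIST, *f), evaluate(ALLOWLIST, *f)) for f in flows}

# Constructed sample flows leaving the LAN.
FLOWS = [("tcp", 445), ("tcp", 137), ("udp", 137),
         ("tcp", 443), ("udp", 53), ("tcp", 6667)]

if __name__ == "__main__":
    for flow, (bl, al) in compare(FLOWS).items():
        print(f"{flow[0]}/{flow[1]:<5} blocklist={bl:<5} allowlist={al}")
```

The TCP-only block rules let udp/137 and the unlisted tcp/6667 out, while the allow-only rule set stops both without needing a rule for either.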