Sunday, April 25, 2010

Block netbios traffic using iptables

If you already have a basic firewall, just add the following:
# ----------- BEGIN OF CUSTOM RULES -----------
#
# Ignore netbios-ns, netbios-dgm, netbios-ssn,
# microsoft-ds, bootps, bootpc, epmap
-A INPUT -p tcp -m multiport --dports netbios-ns,netbios-dgm,netbios-ssn,microsoft-ds,bootps,bootpc,epmap -j DROP
-A INPUT -p udp -m multiport --dports netbios-ns,netbios-dgm,netbios-ssn,microsoft-ds,bootps,bootpc,epmap -j DROP

#
# ------------ END OF CUSTOM RULES ------------
Note: The service names known to the system (and therefore to iptables) come from the file /etc/services. Now you can activate these rules as described here.
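Because a name with no /etc/services entry for the given protocol makes the rule fail to load, it helps to resolve the names first. The script below is an added example, not part of the original post: the function names `resolve_ports` and `emit_rules` are hypothetical, and the services excerpt is constructed sample data. It prints the same two rules with numeric ports and reports any name that does not resolve.

```shell
#!/bin/sh
# Constructed excerpt in /etc/services format: name port/proto [aliases...]
SAMPLE_SERVICES='bootps          67/tcp
bootps          67/udp
bootpc          68/tcp
bootpc          68/udp
epmap           135/tcp         loc-srv
epmap           135/udp         loc-srv
netbios-ns      137/tcp
netbios-ns      137/udp
netbios-dgm     138/tcp
netbios-dgm     138/udp
netbios-ssn     139/tcp
netbios-ssn     139/udp
microsoft-ds    445/tcp
microsoft-ds    445/udp'

# resolve_ports PROTO NAMES [SERVICES_TEXT]: print numeric ports for a
# comma-separated name list; return 1 if a name has no entry for PROTO.
resolve_ports() {
    printf '%s\n' "${3:-$SAMPLE_SERVICES}" | awk -v proto="$1" -v names="$2" '
        { sub(/#.*/, "") }                              # strip comments
        NF >= 2 {
            split($2, pp, "/")
            if (pp[2] != proto) next
            port[$1] = pp[1]
            for (i = 3; i <= NF; i++) port[$i] = pp[1]  # aliases
        }
        END {
            n = split(names, want, ",")
            for (i = 1; i <= n; i++) {
                if (want[i] in port) { out = out (out == "" ? "" : ",") port[want[i]]; continue }
                print "unknown " proto " service: " want[i] | "cat 1>&2"; bad = 1
            }
            if (bad) exit 1
            print out
        }'
}

# emit_rules NAMES [SERVICES_TEXT]: print both DROP rules with numeric ports.
emit_rules() {
    for proto in tcp udp; do
        ports=$(resolve_ports "$proto" "$1" "$2") || return 1
        printf '%s\n' "-A INPUT -p $proto -m multiport --dports $ports -j DROP"
    done
}

emit_rules "netbios-ns,netbios-dgm,netbios-ssn,microsoft-ds,bootps,bootpc,epmap"
```

To check against the real file instead of the sample, pass `"$(cat /etc/services)"` as the last argument.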
