simple ipchain question

Master of Reality:
What's the difference between the 3 different netbios? Are they all on port 139 or 138? What port is SWAT on?
I am going to IP tables and I don't know if I can use names like SWAT or netbios-ns.

voidmain:
You should be able to use any name that is in the /etc/services file.  And if there isn't a name in /etc/services for a port that you use for a specific task just add the port and name for the service in that file.  That file is used by many TCP/IP programs to give useful names instead of port numbers (netstat output uses names from /etc/services for instance).

NetBIOS itself does not use ports.  NetBIOS is actually not a protocol at all but requires a networking protocol to be encapsulated in.  It can be encapsulated in NetBEUI or TCP/IP. The three common NetBIOS over TCP/IP ports are 137, 138, and 139. 137 is the NETBIOS Name Service, 138 is the NETBIOS Datagram Service and 139 is the NETBIOS session service (you should see these listed in the comments field in /etc/services). To get more detailed information about what sort of communication goes on over those ports, search the net; there's plenty of information out there on the subject.

Master of Reality:
Uhhh... iptables only lets me use the --dport and --sport variables if I have -p tcp in it. Netbios uses udp and tcp, so how would I stop it from going over udp?

voidmain:
Look at the second post in this thread with my firewall script.  I have netbios tcp/udp blocked, but I am using ipchains.  I think iptables is the same/similar, is it not?  Or maybe I don't quite understand your question?

[ August 23, 2002: Message edited by: VoidMain ]
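
The two points discussed above (service names are resolved through /etc/services, and NetBIOS needs a rule per protocol for both tcp and udp), as an added example that is not part of the thread. The function names are hypothetical, the services data is a constructed sample (its swat 901/tcp line is not from the thread), and the INPUT chain and DROP target are assumptions; the script only prints iptables commands and never runs them.

```sh
#!/bin/sh
# Added example, not from the thread. It only prints iptables commands.

# Constructed sample in /etc/services format; set SERVICES_FILE=/etc/services
# to read the real file instead.
services_data() {
    if [ -n "${SERVICES_FILE:-}" ]; then cat "$SERVICES_FILE"; return; fi
    cat <<'EOF'
netbios-ns      137/tcp     # NETBIOS Name Service
netbios-ns      137/udp
netbios-dgm     138/tcp     # NETBIOS Datagram Service
netbios-dgm     138/udp
netbios-ssn     139/tcp     # NETBIOS session service
netbios-ssn     139/udp
swat            901/tcp     # Samba Web Administration Tool
EOF
}

# lookup_port NAME PROTO: print the port, or return 1 if NAME has no
# entry (as name or alias) for PROTO.
lookup_port() {
    services_data | awk -v name="$1" -v proto="$2" '
        { sub(/#.*/, "") }                      # drop trailing comments
        NF >= 2 {
            split($2, pp, "/")                  # "137/udp" -> 137, udp
            if (pp[2] != proto) next
            for (i = 1; i <= NF; i++)
                if (i != 2 && $i == name) { print pp[1]; found = 1; exit }
        }
        END { exit !found }'
}

# block_rules NAME...: print one DROP rule per protocol the name is
# defined for. The INPUT chain and DROP target are assumptions.
block_rules() {
    for name in "$@"; do
        for proto in tcp udp; do
            if port=$(lookup_port "$name" "$proto"); then
                echo "iptables -A INPUT -p $proto --dport $name -j DROP  # $port/$proto"
            else
                echo "skip: no $name/$proto entry" >&2
            fi
        done
    done
}

block_rules netbios-ns netbios-dgm netbios-ssn swat
```

The three NetBIOS names each yield a tcp and a udp rule, while swat yields only a tcp rule because the sample has no swat/udp entry.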

Master of Reality:
Never mind, maybe you can use the --sport and --dport with udp.
But I still get this error when using the --limit arg:

--- Code: ---
--- End code ---

[ August 23, 2002: Message edited by: Master of Reality / Bob ]
