[Shorewall-newbies] UDP replys not dropped

Tom Eastep teastep at shorewall.net
Tue Jan 6 10:02:08 PST 2004


On Tuesday 06 January 2004 08:59 am, Tom Eastep wrote:

> >
> > The problem I have, is that such trafic makes the "idle 60" option in my
> > /etc/ppp/options useless, because there is always such a request within
> > 60 seconds. So the modem never hangs up.
>
> a) cd /etc/shorewall
> b) cp common.def common
> c) <edit 'common' and replace the REJECT to DROP for UDP 137:139>
> d) shorewall restart
>

An alternative is to upgrade to 1.4.9 Beta 2 -- the common.def file included 
in that release incorporates a similar change as is described above.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-newbies mailing list