[Shorewall-users] Ports 139 and 445 are accepted after upgrade

Mario Juric mario.juric at privat.tdcadsl.dk
Wed Dec 31 03:58:36 PST 2003


I just upgraded from Mandrake 9.1 to 9.2 and discovered that ports 139 and
445 are accepted from the net even though my rules configuration is setup to
only accept 80, 443 and 25. I ran the portscan from
http://www.securitymetrics.com/portscan.adp, which tells me that the ports
are "closed", not "stealth" as they used to be. I do not understand why. Can
someone help me with this?

My current Shorewall version is 1.48.

Rules configuration:

ACCEPT	net	fw	tcp	80,443,25 -
ACCEPT	masq	fw	tcp	80,443,22,25,109,110,143,137,139,445,8080 -
ACCEPT	masq	fw	udp	137:139 -
ACCEPT	masq	fw	udp	1024: 137
ACCEPT	fw	masq	tcp	137,139,445 -
ACCEPT	fw	masq	udp	137:139 -
ACCEPT	fw	masq	udp	1024: 137
ACCEPT	masq	fw	tcp
domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp	-
ACCEPT	masq	fw	udp
domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp	-
ACCEPT	fw	masq	tcp	631,515,137,138,139	-
ACCEPT	fw	masq	udp	631,515,137,138,139	-

Mario Juric

More information about the Shorewall-users mailing list