From: "Walter H." <Walter.H@mathemainzel.info>
To: "\"André Paulsberg-Csibi (IBM Consultant)\""
<Andre.Paulsberg-Csibi@evry.com>
Cc: "netfilter@vger.kernel.org" <netfilter@vger.kernel.org>
Subject: Re: Rule for PROTO=139?
Date: Tue, 06 Sep 2016 19:41:51 +0200 [thread overview]
Message-ID: <57CEFFDF.1070303@mathemainzel.info> (raw)
In-Reply-To: <d563e5c593e3405c8eca5c001b4b25e1@CCDEX021.corp.corpcommon.com>
[-- Attachment #1: Type: text/plain, Size: 1304 bytes --]
On 06.09.2016 14:18, André Paulsberg-Csibi (IBM Consultant) wrote:
> It is long time since I used WinXP , and Win7 - Win8 has passed and now WinX is the only thing
> and most of their "garbage" packages was removed using the parameter in DHCP :
> option netbios-node-type 0x2;
> option wpad code 252 = text;
> option wpad "\n\000";
>
> ( I cannot stop all their garbage , because they need it for their "sharing" tools )
> But DHCP INFORM and HIP and other excessive BC I have not seen in my home for quite some time so I am pretty sure most is gone ...
>
> IF that does not stop it - try to google it , if it is not possible you may just have to live with blocking it ...
>
>
ok due to this at the beginning of iptables
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
and this at the end of iptables
-A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
-A FORWARD -j LOG --log-prefix "IP[FWD]: " --log-level 7
-A OUTPUT -j LOG --log-prefix "IP[OUT]: " --log-level 7
COMMIT
these pakets are already dropped but they are also logged and fill the
log not neccessarily;
so somewhere between this rule
# Block HIP (Host Identity Protocol): prevent from logging
-A INPUT -i br0 -p hip -j REJECT
keeps from logging
Thanks,
Walter
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 3827 bytes --]
prev parent reply other threads:[~2016-09-06 17:41 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-06 10:58 Rule for PROTO=139? Walter H.
2016-09-06 11:20 ` Rob Sterenborg (lists)
2016-09-06 11:25 ` Andreas Hainke
[not found] ` <3e24e1f4a88741f0979847f78ef0ecc1@CCDEX021.corp.corpcommon.com>
2016-09-06 12:03 ` Walter H.
[not found] ` <d563e5c593e3405c8eca5c001b4b25e1@CCDEX021.corp.corpcommon.com>
2016-09-06 17:41 ` Walter H. [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=57CEFFDF.1070303@mathemainzel.info \
--to=walter.h@mathemainzel.info \
--cc=Andre.Paulsberg-Csibi@evry.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.