I am new to the world of ipchains. I wanted to know
if the following rule would deny all snmp traffic
on my Internet link(Serial4), but let me use snmp
internally.
The problem is that with the latest bug in snmp,
even shutting it off doesnt help in some cases. I also rely on snmp for network
health info. I would like to just block all snmp traffic at the
border. Since this linux router is acting as my border router, this seems to be
the best place to start
ipchains -A input -i Serial4 -p udp -d 0/0 161 -j
DENY --log
ipchains -A input -i Serial4 -p udp -d 0/0 162 -j
DENY --log
Is there a better way to stop all snmp traffic at
the border?
Thanks,
Chris