From: "Walter H." <Walter.H@mathemainzel.info>
To: "\"André Paulsberg-Csibi (IBM Consultant)\""
<Andre.Paulsberg-Csibi@evry.com>
Cc: "netfilter@vger.kernel.org" <netfilter@vger.kernel.org>
Subject: Re: Rule for PROTO=139?
Date: Tue, 06 Sep 2016 19:41:51 +0200 [thread overview]
Message-ID: <57CEFFDF.1070303@mathemainzel.info> (raw)
In-Reply-To: <d563e5c593e3405c8eca5c001b4b25e1@CCDEX021.corp.corpcommon.com>
[-- Attachment #1: Type: text/plain, Size: 1304 bytes --]
On 06.09.2016 14:18, André Paulsberg-Csibi (IBM Consultant) wrote:
> It is long time since I used WinXP , and Win7 - Win8 has passed and now WinX is the only thing
> and most of their "garbage" packages was removed using the parameter in DHCP :
> option netbios-node-type 0x2;
> option wpad code 252 = text;
> option wpad "\n\000";
>
> ( I cannot stop all their garbage , because they need it for their "sharing" tools )
> But DHCP INFORM and HIP and other excessive BC I have not seen in my home for quite some time so I am pretty sure most is gone ...
>
> IF that does not stop it - try to google it , if it is not possible you may just have to live with blocking it ...
>
>
ok due to this at the beginning of iptables
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
and this at the end of iptables
-A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
-A FORWARD -j LOG --log-prefix "IP[FWD]: " --log-level 7
-A OUTPUT -j LOG --log-prefix "IP[OUT]: " --log-level 7
COMMIT
these pakets are already dropped but they are also logged and fill the
log not neccessarily;
so somewhere between this rule
# Block HIP (Host Identity Protocol): prevent from logging
-A INPUT -i br0 -p hip -j REJECT
keeps from logging
Thanks,
Walter
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 3827 bytes --]
prev parent reply other threads:[~2016-09-06 17:41 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-06 10:58 Rule for PROTO=139? Walter H.
2016-09-06 11:20 ` Rob Sterenborg (lists)
2016-09-06 11:25 ` Andreas Hainke
[not found] ` <3e24e1f4a88741f0979847f78ef0ecc1@CCDEX021.corp.corpcommon.com>
2016-09-06 12:03 ` Walter H.
[not found] ` <d563e5c593e3405c8eca5c001b4b25e1@CCDEX021.corp.corpcommon.com>
2016-09-06 17:41 ` Walter H. [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=57CEFFDF.1070303@mathemainzel.info \
--to=walter.h@mathemainzel.info \
--cc=Andre.Paulsberg-Csibi@evry.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox