Protect LAN by blocking SMB traffic

Thursday, 05 June 2008

Block windows file and print share and other traffic that could be also used to send viruses. Add the following lines to your /etc/rc.d/rc.local file or to your firewall file (/etc/rc.d/rc.firewall for example). # ------------------- iptables rules -------------------- iptables -A INPUT --protocol tcp --destination-port 135:139 -j DROP iptables -A INPUT --protocol tcp --source-port 135:139 -j DROP iptables -A INPUT --protocol udp --destination-port 135:139 -j DROP iptables -A INPUT --protocol udp --source-port 135:139 -j DROP iptables -A INPUT --protocol tcp --destination-port 445 -j DROP iptables -A INPUT --protocol tcp --source-port 445 -j DROP iptables -A INPUT --protocol udp --destination-port 445 -j DROP iptables -A INPUT --protocol udp --source-port 445 -j DROP # -------------------------------------------------------

 

Next >