I'm trying to setup some firewalling rules, now that my Linux box has a
full-time ADSL connection to the Internet. I'm currently running kernel
2.2.7 (under potato), so I'm using ipchains in my (apparently feeble
<g>) attempts to do this.
Ever since the ADSL connection was configured, I've noticed the
following in my logs every 10 minutes or so...
Apr 30 21:25:23 glitch nmbd[10603]: connect from 10.0.0.153
Apr 30 21:25:23 glitch inetd[166]: /usr/sbin/tcpd: exit status 0x1
[above lines repeated 2-3 dozen times, IP's and PID's vary]
Apr 30 21:25:23 glitch inetd[166]: netbios-ns/udp server failing
(looping), service terminated
After seeing this I thought that blocking netbios broadcasts would be a
good, or at least easily verified, place to start. After consulting
with the ipchains HOWTO, I entered the following:
ipchains -A input -p udp -s 0.0.0.0/24 netbios-ns -l -j DENY
ipchains -A input -p tcp -s 0.0.0.0/24 netbios-ns -l -j DENY
After doing this, however, my logfiles are showing the exact same
behaviour. Presumably I'm missing something... any pointers as to what?
Thanx!
