Unwanted browse lists

Michel michel at nijenrode.nl
Tue Oct 6 20:25:54 GMT 1998

Thanks for your thoughts. But would this still allow these clients to 
browse the server ?


 Michel van der Laan	-	michel at nijenrode.nl
In your mail from 6-10-1998 you write:
> Michel,
> One approach that hasn't been suggested is to block access to the netbios
> nameservice port on the samba host with a firewalling rule.  That way the
> other computers on the subnet can't register themselves with nmbd.
> Suppose that your internal network is all within the
> network.  Each Windows workstation will automatically announce itself with
> a udp packet broadcast to on port 137.  So if your OS
> supports firewalling you can just write a deny rule for packets that meet
> those criteria.
> For instance, using Linux, I can write the following rule:
> ipfwadm -I -a deny -S -D 137 -P udp
> which drops all packets destined for the udp netbios-ns port at 137.  Of
> course, you could enable specific machines to be listed by adding
> additional rules above this one.  If, for instance, you wanted the machine
> at to appear in Network Neighborhood, you'd add the rule:
> ipfwadm -I -a accept -S -D 137 -P udp 
> before the general deny rule above.
> Peter
> -----
> Peter H. Lemieux				Voice:	(800) 5-CYWAYS	
> CYWAYS, Incorporated					(+1 617 796 8995)
> 19 Westchester Road				Fax:	(617) 796-8997
> Newton, Massachusetts 02458-2519 USA		Web:    http://www.cyways.com

More information about the samba mailing list