Subject: Re: ipf help
To: David Maxwell <david@fundy.ca>
From: None <mcmahill@mtl.mit.edu>
List: netbsd-users
Date: 12/13/1999 16:24:01
On Mon, 13 Dec 1999, David Maxwell wrote:
> On Mon, Dec 13, 1999 at 03:19:15PM -0500, mcmahill@mtl.mit.edu wrote:
> > I'm trying to block some particular network traffic. The stuff in
> > question (from tcpdump) is:
> > 15:16:24.311352 SEPTUM.MIT.EDU.1121 > 18.62.255.255.sunrpc: udp 96
>
> Not related to your question, but should that machine really be
> broadcasting to a whole b-class?
MIT uses b-class subnets. Now, should they be broadcasting, probably not.
Its only about 8-10 linux boxes which do this. None of the
netbsd, solaris, ultrix, windows machines do as far as I
can tell. In fact the couple of linux boxes in my dept dont' either.
> If you're not on the same subnet, bug your network admins to block
> directed IP broadcasts. It'll also help prevent network abuse.
I've complained to the network people for some time. No response. I'm
tired of my consoles filling up with messages about this.
> > So I put a line in /etc/ipf.conf:
> > block in quick on ep1 from 18.62.0.0/16 to 18.62.255.255/32 port=sunrpc
> > but this doesn't do it.
> I think you need spaces around your '='.
yep! that was it. I figured it was something simple.
Thanks for the help
-Dan