Are you doing a "DROP" in the iptables rule? You'll still see the traffic but should also see it DROPped. When I had to do similar for stuff hitting my DNS server I could still see it in tcpdump but could also see it was never getting to DNS after being dropped by iptables.
You should actually block all that you don't need or only allow what you need. NetBIOS should use a port, but you block all udp that you don't use. Not sure what udp you'd normally want. Usually only port 80 tcp would be open, maybe ssh ports or vpn ports.
I've heard that the iptables can't block broadcast packets.
Do you know a way to block them all?
I'm not necessarily sure you *want* to block NetBIOS, at least not within your local LAN. For better or worse, it's often important for coexisting with Windows. For example, you might need NetBIOS in order to share disks or printers between Windows and Linux hosts.
HOWEVER:
If you really want to block it with iptables, it's easy. Just set up rules for the following ports:
You are right. We cannot control broadcast packets reaching the NIC, but yes, we can drop the packets with iptables. The packets that you see are the packets you received on your interface in raw form. You must check your iptables rules to see whether you are dropping packets or not.
You can check that with:
iptables -nvx -t table-name -L
This will show you the rules prefixed with the packet count and data transfer.
Thanks, you are right.
I've successfully dropped broadcast packets by adding a proper rule in the forwarding rule.
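The counter check discussed in this thread, as an added example that is not part of any poster's message: the function below reads `iptables -nvx -L` output and reports, per chain, whether each DROP rule has matched any packets, which is how a rule sitting in a chain the traffic never traverses shows up. The function names, the sample listing and the port range in it are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `iptables -nvx -L` output; not taken from the thread.
sample_output() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 5120 packets, 734003 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 DROP       udp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            udp dpts:137:138

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     214    16692 DROP       udp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            udp dpts:137:138
      12      624 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22

Chain OUTPUT (policy ACCEPT 4801 packets, 512044 bytes)
    pkts      bytes target     prot opt in     out     source               destination
EOF
}

# drop_report (hypothetical helper): reads the listing on stdin and prints one
# line per DROP rule: HIT or NO-HITS, chain, exact counters, input interface,
# and the match text that follows the destination column.
drop_report() {
    awk '
        $1 == "Chain"    { chain = $2; next }   # start of a chain section
        $1 !~ /^[0-9]+$/ { next }               # column header or blank line
        $3 == "DROP" {
            spec = ""
            for (i = 10; i <= NF; i++) spec = spec (i > 10 ? " " : "") $i
            status = ($1 > 0) ? "HIT" : "NO-HITS"
            printf "%s %s pkts=%s bytes=%s in=%s %s\n", status, chain, $1, $2, $6, spec
        }
    '
}

# Demo on the constructed sample. On a live host (as root):
#   iptables -nvx -t filter -L | drop_report
sample_output | drop_report
```

A DROP rule reported as NO-HITS while tcpdump still shows the traffic means the packets are not passing through that chain or do not match the rule; tcpdump captures packets before netfilter processes them, so seeing them there is expected either way.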