[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: smb browsing broken by firewall

From: shane geeklords org
To: fedora-devel-list redhat com
Subject: Re: smb browsing broken by firewall
Date: Mon, 19 Jan 2004 12:37:30 -0800 (PST)

On Mon, 19 Jan 2004, Charles R. Anderson wrote:

> You would have to open the port from all hosts within the subnet to
> which the broadcast was originally sent.  That's the point of a
> broadcast query.  The dst-ip/dst-protocol/dst-port/src-port would
> still have to match the previous state.  

I must be missing something obvious.... but if we are dealing with 
broadcasts, the layer3 destination IP address is 255.255.255.255 (match 
anything).  So unless I am being dense (quite possible) such a patch would 
in affect open the netbios port to everyone (not just on the local 
segment) for 10 seconds after every broadcast "query".  If the above is 
true, said device would have its netbios port open to anybody 
(255.255.255.255) a lot (depending on usage).

Shane.

-- 
"Given enough time, all legal battles in the tech industry will invoke the 
DMCA. This generally means that all constructive arguments have ended." 
					-NialScorva (slashdot poster)

Follow-Ups:
- Re: smb browsing broken by firewall
  - From: Dan Williams

References:
- Re: smb browsing broken by firewall
  - From: Charles R. Anderson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]