smb browsing broken by firewall
shane at geeklords.org
shane at geeklords.org
Mon Jan 19 20:37:30 UTC 2004
On Mon, 19 Jan 2004, Charles R. Anderson wrote:
> You would have to open the port from all hosts within the subnet to
> which the broadcast was originally sent. That's the point of a
> broadcast query. The dst-ip/dst-protocol/dst-port/src-port would
> still have to match the previous state.
I must be missing something obvious.... but if we are dealing with
broadcasts, the layer3 destination IP address is 255.255.255.255 (match
anything). So unless I am being dense (quite possible) such a patch would
in affect open the netbios port to everyone (not just on the local
segment) for 10 seconds after every broadcast "query". If the above is
true, said device would have its netbios port open to anybody
(255.255.255.255) a lot (depending on usage).
Shane.
--
"Given enough time, all legal battles in the tech industry will invoke the
DMCA. This generally means that all constructive arguments have ended."
-NialScorva (slashdot poster)
More information about the fedora-devel-list
mailing list