Added ipmasq/rules/*

author: Jonas Smedegaard <dr@jones.dk> 2001-09-18 08:51:02 +0000
committer: Jonas Smedegaard <dr@jones.dk> 2001-09-18 08:51:02 +0000
commit: 529182b23e3849b7717e8f6f741d9dd7cbc57bcf (patch)
tree: 3ebb0cbbdc9bdebde18cde92a7db4c9c30fc6573 /ipmasq/rules/Z99windows-smb-broadcast.rul
parent: 17759a25f6946416e18c8d1329aee7a1fa0750d2 (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/ipmasq/rules/Z99windows-smb-broadcast.rul b/ipmasq/rules/Z99windows-smb-broadcast.rul
new file mode 100644
index 0000000..836d825
--- /dev/null
+++ b/ipmasq/rules/Z99windows-smb-broadcast.rul
@@ -0,0 +1,27 @@
+# Accept Windows SMB broadcasts, so as to avoid spurious syslog entries from
+# ZZZdenyandlog.def
+
+if [ -n "$INTERNAL" -o -n "$EXTERNAL" ]; then
+    for i in $INTERNAL $EXTERNAL; do
+        ipnm_cache $i
+        case $MASQMETHOD in
+        ipfwadm)
+	    if [ -n "$BCOFIF" ]; then
+                $IPFWADM -I -a accept -W ${i%%:*} -S $IPOFIF/$NMOFIF -D $BCOFIF/32 137:139
+	    fi
+            ;;
+        ipchains)
+	    if [ -n "$BCOFIF" ]; then
+                $IPCHAINS -A input -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 137:139 -p tcp
+                $IPCHAINS -A input -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 137:139 -p udp
+	    fi
+            ;;
+	netfilter)
+	    if [ -n "$BCOFIF" ]; then
+		$IPTABLES -A INPUT -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 -p tcp --dport 137:139
+		$IPTABLES -A INPUT -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 -p udp --dport 137:139
+	    fi
+        esac
+    done
+fi
+
author	Jonas Smedegaard <dr@jones.dk>	2001-09-18 08:51:02 +0000
committer	Jonas Smedegaard <dr@jones.dk>	2001-09-18 08:51:02 +0000
commit	529182b23e3849b7717e8f6f741d9dd7cbc57bcf (patch)
tree	3ebb0cbbdc9bdebde18cde92a7db4c9c30fc6573 /ipmasq/rules/Z99windows-smb-broadcast.rul
parent	17759a25f6946416e18c8d1329aee7a1fa0750d2 (diff)