summaryrefslogtreecommitdiff
path: root/ipmasq/rules/Z99windows-smb-broadcast.rul
diff options
context:
space:
mode:
Diffstat (limited to 'ipmasq/rules/Z99windows-smb-broadcast.rul')
-rw-r--r--ipmasq/rules/Z99windows-smb-broadcast.rul27
1 files changed, 27 insertions, 0 deletions
diff --git a/ipmasq/rules/Z99windows-smb-broadcast.rul b/ipmasq/rules/Z99windows-smb-broadcast.rul
new file mode 100644
index 0000000..836d825
--- /dev/null
+++ b/ipmasq/rules/Z99windows-smb-broadcast.rul
@@ -0,0 +1,27 @@
+# Accept Windows SMB broadcasts, so as to avoid spurious syslog entries from
+# ZZZdenyandlog.def
+
+if [ -n "$INTERNAL" -o -n "$EXTERNAL" ]; then
+ for i in $INTERNAL $EXTERNAL; do
+ ipnm_cache $i
+ case $MASQMETHOD in
+ ipfwadm)
+ if [ -n "$BCOFIF" ]; then
+ $IPFWADM -I -a accept -W ${i%%:*} -S $IPOFIF/$NMOFIF -D $BCOFIF/32 137:139
+ fi
+ ;;
+ ipchains)
+ if [ -n "$BCOFIF" ]; then
+ $IPCHAINS -A input -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 137:139 -p tcp
+ $IPCHAINS -A input -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 137:139 -p udp
+ fi
+ ;;
+ netfilter)
+ if [ -n "$BCOFIF" ]; then
+ $IPTABLES -A INPUT -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 -p tcp --dport 137:139
+ $IPTABLES -A INPUT -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 -p udp --dport 137:139
+ fi
+ esac
+ done
+fi
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-02 13:29:26 +0000