From 529182b23e3849b7717e8f6f741d9dd7cbc57bcf Mon Sep 17 00:00:00 2001
From: Jonas Smedegaard <dr@jones.dk>
Date: Tue, 18 Sep 2001 08:51:02 +0000
Subject: Added ipmasq/rules/*

---
 ipmasq/rules/Z99windows-smb-broadcast.rul | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 ipmasq/rules/Z99windows-smb-broadcast.rul

(limited to 'ipmasq/rules/Z99windows-smb-broadcast.rul')

diff --git a/ipmasq/rules/Z99windows-smb-broadcast.rul b/ipmasq/rules/Z99windows-smb-broadcast.rul
new file mode 100644
index 0000000..836d825
--- /dev/null
+++ b/ipmasq/rules/Z99windows-smb-broadcast.rul
@@ -0,0 +1,27 @@
+# Accept Windows SMB broadcasts, so as to avoid spurious syslog entries from
+# ZZZdenyandlog.def
+
+if [ -n "$INTERNAL" -o -n "$EXTERNAL" ]; then
+    for i in $INTERNAL $EXTERNAL; do
+        ipnm_cache $i
+        case $MASQMETHOD in
+        ipfwadm)
+	    if [ -n "$BCOFIF" ]; then
+                $IPFWADM -I -a accept -W ${i%%:*} -S $IPOFIF/$NMOFIF -D $BCOFIF/32 137:139
+	    fi
+            ;;
+        ipchains)
+	    if [ -n "$BCOFIF" ]; then
+                $IPCHAINS -A input -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 137:139 -p tcp
+                $IPCHAINS -A input -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 137:139 -p udp
+	    fi
+            ;;
+	netfilter)
+	    if [ -n "$BCOFIF" ]; then
+		$IPTABLES -A INPUT -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 -p tcp --dport 137:139
+		$IPTABLES -A INPUT -j ACCEPT -i ${i%%:*} -s $IPOFIF/$NMOFIF -d $BCOFIF/32 -p udp --dport 137:139
+	    fi
+        esac
+    done
+fi
+
-- 
cgit v1.2.3