Re: (ASCEND) P50/P75 Wont go away!

[Michiel Boland <boland@diva.nl>]

> > Are there any Winblows boxes on the network behind the pipe50?  If
> > so, it could be the Winblows browser announcements going out using
> > Netbios over TCPIP.
> 
> I suspect this is the case.  I am a Netgear man myself so I know how to
> filter all the TCP/IP and UDP packets that Winblows spews on an RT328, but
> I have never added filters to a P50.  There's a section in chapter 8 about
> this very problem in the Netgear manual.  I hope there is something
> similar in the P50 manual (I was hoping their was a FAQ entry, but I cant
> find one).

There was something on the ascend website about this; I can't find it at
the moment though. What you could do is install the following filter
(upload it via the terminal or tftp; or type it in manually) and set the
'Call Filter' on your WAN connection to it. (You will want filter #1 in
this case.)

START=FILT=200=0
Name=IP Call
In filter 01...Valid=Yes
Out filter 01...Valid=Yes
Out filter 01...Type=IP
Out filter 01...Generic...Forward=Yes
Out filter 01...Ip...Forward=Yes
Out filter 01...Ip...Protocol=6
Out filter 02...Valid=Yes
Out filter 02...Type=IP
Out filter 02...Generic...Forward=Yes
Out filter 02...Ip...Forward=Yes
Out filter 02...Ip...Protocol=17
Out filter 02...Ip...Src Port Cmp=Neq
Out filter 02...Ip...Src Port #=137
Out filter 02...Ip...Dst Port Cmp=Eql
Out filter 02...Ip...Dst Port #=53
END=FILT=200=0^M

What this does is disallow anything other than TCP or DNS traffic to open
your WAN link. The check for port 137 is needed because some
ill-configured NT boxen use 'DNS for WINs' resolution or something like
that which is always good for support nightmares.

HTH

Cheers
Michiel

-- 
Michiel Boland <boland@diva.nl>
Digital Valley Internet Professionals
Duivendaal 4, Wageningen, The Netherlands
Phone: +31 317 465555, Fax: +31 317 460276

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>