smb browsing broken by firewall

Dan Williams dcbw at redhat.com
Mon Jan 19 22:01:23 UTC 2004


Slight correction,

255.255.255.255 is the broadcast address for _all_ subnets the machine
may be on, to everywhere.  (also MAC FF:FF:FF:FF:FF:FF)

A local subnet broadcast address is, for example:

IP address: 10.0.0.50
Local broadcast:  10.0.0.255
Subnet mask: 255.255.255.0

If all "host" bits of the address are 1, then the address is a broadcast
address on the local subnet _only_, as long as all the "network" bits
match the "network" bit range in the machine's IP address.

Dan

On Mon, 2004-01-19 at 15:37, shane at geeklords.org wrote:
> On Mon, 19 Jan 2004, Charles R. Anderson wrote:
> 
> > You would have to open the port from all hosts within the subnet to
> > which the broadcast was originally sent.  That's the point of a
> > broadcast query.  The dst-ip/dst-protocol/dst-port/src-port would
> > still have to match the previous state.  
> 
> I must be missing something obvious.... but if we are dealing with 
> broadcasts, the layer3 destination IP address is 255.255.255.255 (match 
> anything).  So unless I am being dense (quite possible) such a patch would 
> in effect open the netbios port to everyone (not just on the local 
> segment) for 10 seconds after every broadcast "query".  If the above is 
> true, said device would have its netbios port open to anybody 
> (255.255.255.255) a lot (depending on usage).
> 
> Shane.
> 
> -- 
> "Given enough time, all legal battles in the tech industry will invoke the 
> DMCA. This generally means that all constructive arguments have ended." 
> 					-NialScorva (slashdot poster)		
> 
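
The host-bit/network-bit rule from the message above, together with the "replies only from the subnet the broadcast was sent to" restriction from the quoted thread, as an added example that is not part of the original message or of any patch discussed in it. The function names and the acceptance policy are assumptions made for illustration; the sample addresses are constructed.

```python
import ipaddress

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


def classify_destination(iface_cidr, dst):
    """Classify dst as seen from an interface configured as iface_cidr.

    Hypothetical helper: returns "limited-broadcast", "subnet-broadcast",
    "local-unicast" or "other".
    """
    iface = ipaddress.IPv4Interface(iface_cidr)
    dst = ipaddress.IPv4Address(dst)
    if dst == LIMITED_BROADCAST:
        return "limited-broadcast"
    mask = int(iface.netmask)
    hostmask = int(iface.network.hostmask)
    # "Network" bits of dst must equal the "network" bits of our own address.
    network_bits_match = (int(dst) & mask) == (int(iface.ip) & mask)
    if not network_bits_match:
        return "other"
    # /31 and /32 have no usable host-bit range, so no subnet broadcast.
    has_broadcast = iface.network.prefixlen < 31
    # All "host" bits set to 1 means broadcast on this subnet only.
    if has_broadcast and (int(dst) & hostmask) == hostmask:
        return "subnet-broadcast"
    return "local-unicast"


def reply_allowed(iface_cidr, query_dst, reply_src):
    """Assumed policy: accept a reply to a broadcast query only when the
    query really went to a broadcast address and the reply source is a
    host address inside the interface's own subnet."""
    kind = classify_destination(iface_cidr, query_dst)
    if kind not in ("limited-broadcast", "subnet-broadcast"):
        return False
    net = ipaddress.IPv4Interface(iface_cidr).network
    src = ipaddress.IPv4Address(reply_src)
    if src not in net:
        return False
    # The network and broadcast addresses are never valid reply sources.
    return src not in (net.network_address, net.broadcast_address)


if __name__ == "__main__":
    for dst in ("10.0.0.255", "255.255.255.255", "10.0.1.255", "10.0.0.7"):
        print(dst, classify_destination("10.0.0.50/24", dst))
    print(reply_allowed("10.0.0.50/24", "10.0.0.255", "10.0.0.7"))
    print(reply_allowed("10.0.0.50/24", "255.255.255.255", "192.0.2.9"))
```

The same destination can change class with the mask: with 10.0.0.50/22 configured, 10.0.0.255 is an ordinary host address and the subnet broadcast is 10.0.3.255.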




