Wol Magic Packets
Rob Sterenborg
rob at sterenborg.info
Thu Aug 24 07:45:59 CEST 2006
claudio987 at libero.it <mailto:claudio987 at libero.it> wrote:
>> On Wed, August 23, 2006 11:33, claudio987\@libero\.it wrote:
>>> exsists a module that can recognize Magic packet used in wake on
>>> lan?
>>
>> No, not specifically.
>>
>>> I'd like to drop Magic packets
>>
...
>>
>> Port 7/udp being echo and port 9/udp being discard, I don't see why
>> you couldn't block these ports.
>>
> 7 and 9 are default ports but Magica packets can also be
> trasmitted trought other ports:
> http://www.depicus.com/wake-on-lan/woli.aspx
> as you can see, here you can specify port number.
Yes. Well, I also received an email from Sietske van Zanen who thought
more thoroughly than I did, but he hit the wrong butten and it was not
sent to the list.
This was his answer and I have to agree with him:
[quote]
I do not see what use it is, to block this on your firewall. WoL is a
broadcast, hence it will already never traverse a firewall if it's
configured correctly. On the local LAN segment they will never pass a
firewall before reaching a LAN station. That's the whole idea of
broadcasting.
The best thing to do is disable WoL on the workstations.
-Sietse
[/quote]
Gr,
Rob
More information about the netfilter
mailing list