From: Volkov, Dmitry (Toronto - BCE) (dmitry_volkov@ca.ml.com)
Date: Thu Sep 19 2002 - 18:08:58 GMT-3
How to filter Netbios names on Ethernet interfaces ???
I tried this:
netbios access-list host test deny *
!
int e0
access-expression input netbios-host(test)
access-expression output netbios-host(test)
I still was able to do "net view \\computer" from PC on Ethernet to outside
and from outside towards to PC running on Ethernet
I works on Tok ring but not on Ethernet... !!!
Are access-expressions valid only for SRB ? Not valid for TB ??
We can use netbios input(output)-access-filter on Tok Ring as well , NOT on
Ethernet.
We can use "dlsw icanreach netbios-name (exclusive)" - but this advertises
reachability to remote peer.
We can use "dlsw remote-peer 0 tcp 1.1.1.1 host-netbios-out" but this
configures netbios host output filtering for this peer
We can use "dlsw prom-peer-defaults host-netbios-out" but this configure
netbios host output filtering for prom peers
I don't see any way selectively to filter NETBIOS traffic coming through
router into ethernet, all methods are about
advertising of reachability or filter outbound netbios traffic from Ethernet
into router, etc.
Any comments please
Thanks,
Dmitry
This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:43:57 GMT-3