From df637f54ca77480f2a83098b699ee6cbcab4d66f Mon Sep 17 00:00:00 2001
From: Stephen Gran <steve@lobefin.net>
Date: Wed, 24 Feb 2010 00:37:51 +0000
Subject: [PATCH] be a little more liberal about throwing away MS traffic

Signed-off-by: Stephen Gran <steve@lobefin.net>
---
 modules/ferm/files/ferm.conf | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/modules/ferm/files/ferm.conf b/modules/ferm/files/ferm.conf
index c63c8ea7d..b5448b07a 100644
--- a/modules/ferm/files/ferm.conf
+++ b/modules/ferm/files/ferm.conf
@@ -54,8 +54,7 @@ domain (ip ip6) {
 
 domain (ip ip6) {
         chain INPUT {
-                proto udp dport 137 DROP;
-                proto tcp mod multiport destination-ports (137 445) DROP;
+                proto (tcp udp) mod multiport destination-ports (135 137 138 139 445 1026 1027 1433) DROP;
                 jump log_or_drop;
         }
 }
-- 
2.20.1