Firewalle Blocks Flow on UDP 137 NETBIOS Name Service
My Firewalla Blocks this flow every minute i think it is a lookup from my ISP Router, it flooded my loogs. Mybe someone can help me what i should do....
The source is my ISP Router 192.168.1.1 the target ist my firewalla 192.168.1.87 on Port 137 as described in the title.
i tried to deactiveate some stuff on my ISP router no improvment.
I have the FirewallaGold
-
It's hard to tell what's the exact reason without closely checking your network.
Usually this is because the router wants to lookup the NetBios name of all devices in its subnet, including Firewalla, so that it can display the device names nicely in the portal. The protocol is via UDP port 137.
Unfortunately Firewalla doesn't support creating allow rules to allow traffic against the box itself yet.
-
@Firewalla, You have responded to Emanuel Di Teresa. I never mentioned 192.168.1.87, I just added my query to this thread to avoid proliferation of topics.
To clarify, it suits me to have a setup where the Gold is connected to the fibre (FTTP) and on one of its three differently-ruled subnets there is a further division with a Purple tracking a bunch of other devices in a separate net. It is the Purple (x.x.1.67) which is advising me that the Gold (x.x.1.1) is sending the UDP 137 packets.
The iSP provides a static IP, data, speed, and a price. It neither supplies nor manages anything at my end, so I cannot see that it would be sending these packets and if it were, then why would they arrive when the Gold is instructed to block all traffic other than certain ports forwarded to a mail & DNS server which sits on the same net at the same level as the purple (same x.x.1.n address space)?
Please sign in to leave a comment.
Comments
5 comments