adsl ---> switch ---> win98 (172.16.1.3) + winxp (172.16.1.2) suse (172.16.1.1 - apache+ssh) with samba network I recently scanned my network with nessus and the results were awfull. I scanned one of my vhosts and it look like samba ports are accessible from internet. Is this because I'm running nessusd -D and scanning ??? I don't care about win boxes but I do care about suse box. From internet I only want to allow http and ssh and samba from internal. FW_QUICKMODE="no" FW_DEV_EXT="dsl0" FW_DEV_INT="eth0" FW_DEV_DMZ="" FW_ROUTE="no" FW_MASQUERADE="no" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="0/0" FW_PROTECT_FROM_INTERNAL="yes" FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="http ssh" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="" FW_SERVICES_EXT_RPC="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_DMZ_RPC="" FW_SERVICES_INT_TCP="137:139 445 901" FW_SERVICES_INT_UDP="137:139 445 901" FW_SERVICES_INT_IP="" FW_SERVICES_INT_RPC="" FW_SERVICES_DROP_EXT="" FW_SERVICES_REJECT_EXT="0/0,tcp,113" FW_SERVICES_QUICK_TCP="" FW_SERVICES_QUICK_UDP="" FW_SERVICES_QUICK_IP="" FW_TRUSTED_NETS="" #tried adding here instead FW_SERVICES_INT_* -- Bojan Hribernik http://hribb.homelinux.com/