Quoting Chris Reeves <chris.reeves@iname.com>: [snip]
Did you create this firewall yourself? The fact that you've firewalled 137 and 138 with the DENY target explains why these ports are showing up on the nmap scan. When nmap performs a UDP scan, it looks for ICMP post unreachable packets being returned when it prods a port. If it doesn't receive such a packet when it prods a port, then it assumes that port is open.
I am not sure about UDP ports, but I know this is not correct for TCP ports. If nmap receives a RST packet, the result of a REJECT action in the firewall, it reports the port is closed. If it receives no response, the result of a DENY action, it reports the port is filtered. Jeffrey -- I don't do Windows and I don't come to work before nine. -- Johnny Paycheck