LinuxQuestions.org
Old 07-12-2007, 09:10 PM   #1
shio
iptables samba issue


Hi All,

I can't access Samba services after I load the firewall script below onto my server. Please help.

Below is my script:

$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 23 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 25 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 110 -j ACCEPT
$IPTABLES -A INPUT -i eth0 -d 192.168.2.9 -p TCP --dport 445 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 10000 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i lo -j ACCEPT
$IPTABLES -A INPUT -j DROP

192.168.2.9 is my Samba server's static IP.
 
Old 07-12-2007, 10:10 PM   #2
jschiwal
From the Samba 3 Howto and Reference Guide:
Code:
18.3.4 Using a Firewall
Many people use a firewall to deny access to services they do not want exposed
outside their network. This can be a good idea, although I recommend
using it in conjunction with the above methods so you are protected even if
your firewall is not active for some reason.
If you are setting up a firewall, you need to know what TCP and UDP ports
to allow and block. Samba uses the following:
Port 135/TCP - used by smbd
Port 137/UDP - used by nmbd
Port 138/UDP - used by nmbd
Port 139/TCP - used by smbd
Port 445/TCP - used by smbd
The last one is important because many older firewall setups may not be
aware of it, given that this port was only added to the protocol in recent
years.
When configuring a firewall, the high order ports (1024-65535) are often
used for outgoing connections and therefore should be permitted through
the firewall. It is prudent to block incoming packets on the high order ports
except for established connections.
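
An added example, not part of either post above: a small audit that compares the INPUT rules from post #1 against the port list in the HOWTO excerpt and prints the ACCEPT rules that are missing. The function names and the LAN range 192.168.2.0/24 are assumptions; the printed rules belong before the final `-j DROP` line of the script.

```shell
#!/bin/sh
# Ports from the Samba HOWTO excerpt quoted above (port/protocol).
SAMBA_PORTS="135/tcp 137/udp 138/udp 139/tcp 445/tcp"

# The script from post #1, embedded as sample input.
posted_rules() { cat <<'EOF'
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 23 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 25 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 110 -j ACCEPT
$IPTABLES -A INPUT -i eth0 -d 192.168.2.9 -p TCP --dport 445 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 10000 -j ACCEPT
$IPTABLES -A INPUT -p tcp -i lo -j ACCEPT
$IPTABLES -A INPUT -j DROP
EOF
}

# Read an iptables script on stdin and print the Samba ports that no
# "-A INPUT ... -j ACCEPT" rule opens before the catch-all DROP.
# Simplification: only rules with both -p and --dport are counted.
samba_missing_ports() {
    awk -v want="$SAMBA_PORTS" '
        /-A INPUT -j DROP/ { exit }      # later rules never match; END still runs
        /-A INPUT/ && /-j ACCEPT/ {
            proto = ""; port = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-p")      proto = tolower($(i + 1))
                if ($i == "--dport") port  = $(i + 1)
            }
            if (proto != "" && port != "") open[port "/" proto] = 1
        }
        END {
            n = split(want, w, " ")
            for (i = 1; i <= n; i++)
                if (!(w[i] in open)) out = out (out ? " " : "") w[i]
            print out
        }'
}
# Print the missing rules, limited to an assumed LAN source range ($1).
samba_fix_rules() {
    lan="${1:-192.168.2.0/24}"
    for p in $(samba_missing_ports); do
        printf '$IPTABLES -A INPUT -i eth0 -s %s -p %s --dport %s -j ACCEPT\n' \
            "$lan" "${p#*/}" "${p%/*}"
    done
}
posted_rules | samba_fix_rules
```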
 
  

