Webmin firewall using ip chains - samba/ip mask
Ok, so here's the issue - Trying to get samba working on the server again after the reinstall ... Everything up and running fine except I can't get samba working... of course it takes me screwing around with it off and on for days to figure out it's a firewall issue... heh.... So, I'm trying to use only webmin utilities or command line stuff for everything this time around (used firestarter last time - very easy setup) but the point is to learn right? So I got all my ports for p2p and stuff and set up the following in webmin -
Accept If protocol is TCP and source port is 137:139
Accept If protocol is UDP and source port is 137:139
Accept If protocol is UDP and source port is 445
===
Still doesn't work - felt like I missed something - -- like a port that needed to be opened... so I shut off the firewall and samba works fine of course so it still has to be the firewall -
===
So I decided to setup an allow on the entire ip - like :
Accept If source is 192.168.0.101 - currently my notebook - ...
works fine after that... so I was going to try to setup a mask like:
192.168.0.* so that all ip's on the network had no problems - but of course it won't let you do it....
I've tried to use 192.168.0.0/255 ... and different variables for masking but they either error out or don't allow the connection....
so my question is how do I ?
Also - someone want to give me some tips on firewalls - this is my configuration so far: the top 7 lines were there when I started .. don't have a clue what the 224.0.0.251 is.. but just left it.... ---- any help would be appreciated -
====
Accept If input interface is lo
Accept If protocol is ICMP and ICMP type is any
Accept If protocol is 50
Accept If protocol is 51
Accept If protocol is UDP and destination is 224.0.0.251 and destination port is 5353
Accept If protocol is UDP and destination port is 631
Accept If state of connection is ESTABLISHED,RELATED
Accept If protocol is TCP and destination port is 22 and state of connection is NEW
Accept If protocol is TCP and destination port is 80 and state of connection is NEW
Accept If protocol is TCP and destination port is 21 and state of connection is NEW
Accept If protocol is TCP and destination port is 8291 and state of connection is NEW
Accept If protocol is TCP and source port is 1214
Accept If protocol is TCP and source port is 6346
Accept If protocol is TCP and source port is 5000
Accept If protocol is TCP and source port is 5555
Accept If protocol is TCP and source port is 7777
Accept If protocol is TCP and source port is 8311
Accept If protocol is TCP and source port is 8875
Accept If protocol is TCP and source port is 6257
Accept If protocol is UDP and source port is 6699
Accept If protocol is TCP and source port is 6346
Accept If protocol is TCP and source port is 1215
Accept If protocol is TCP and source port is 16211
Accept If protocol is TCP and source port is 3905
Accept If protocol is TCP and source port is 1718
Accept If protocol is TCP and source port is 1217
Accept If protocol is TCP and source port is 1213
Accept If protocol is TCP and source port is 137:139
Accept If protocol is UDP and source port is 137:139
Accept If protocol is UDP and source port is 445
Accept If source is 192.168.0
Reject Always
====
thanx!
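
Added example, not part of the original post: a small Python model of first-match rule evaluation, showing why rules that match on source port 137:139 or 445 do not match a Samba client connection, and how a whole subnet is written as 192.168.0.0/24 (the same network as 192.168.0.0/255.255.255.0). The `rule` and `evaluate` helpers, the sample packets and the choice of the standard Samba ports (UDP 137-138, TCP 139 and 445) are assumptions made for the illustration; this is not Webmin or iptables code.

```python
import ipaddress

# Constructed model of first-match rule evaluation; not Webmin or iptables code.
# Each rule: (verdict, proto, src network, sport range, dport range); None = any.
def rule(verdict, proto=None, src=None, sport=None, dport=None):
    net = ipaddress.ip_network(src) if src else None
    return (verdict, proto, net, sport, dport)

def in_range(port, rng):
    return rng is None or rng[0] <= port <= rng[1]

def evaluate(rules, pkt):
    """Return the verdict of the first rule matching pkt (first match wins)."""
    for verdict, proto, net, sport, dport in rules:
        if proto and proto != pkt["proto"]:
            continue
        if net and ipaddress.ip_address(pkt["src"]) not in net:
            continue
        if in_range(pkt["sport"], sport) and in_range(pkt["dport"], dport):
            return verdict
    return "REJECT"  # stands in for the final "Reject Always" rule

# The Samba rules as posted: they match on the client's *source* port.
POSTED = [
    rule("ACCEPT", "tcp", sport=(137, 139)),
    rule("ACCEPT", "udp", sport=(137, 139)),
    rule("ACCEPT", "udp", sport=(445, 445)),
]

# Same service matched on *destination* port and limited to the LAN.
# 192.168.0.0/24 is the same network as 192.168.0.0/255.255.255.0.
LAN = "192.168.0.0/24"
BY_DPORT = [
    rule("ACCEPT", "udp", src=LAN, dport=(137, 138)),
    rule("ACCEPT", "tcp", src=LAN, dport=(139, 139)),
    rule("ACCEPT", "tcp", src=LAN, dport=(445, 445)),
]

# Constructed packets: a client connects from an ephemeral source port.
SMB_FROM_NOTEBOOK = {"proto": "tcp", "src": "192.168.0.101", "sport": 51234, "dport": 445}
SMB_FROM_OTHER_LAN = {"proto": "tcp", "src": "192.168.0.57", "sport": 40022, "dport": 139}
SMB_FROM_OUTSIDE = {"proto": "tcp", "src": "203.0.113.9", "sport": 50000, "dport": 445}

if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("by dport", BY_DPORT)):
        for pkt in (SMB_FROM_NOTEBOOK, SMB_FROM_OTHER_LAN, SMB_FROM_OUTSIDE):
            print(name, pkt["src"], pkt["dport"], evaluate(rules, pkt))
```

In the model, a source-port rule places no limit on which destination port the packet reaches, so the destination-port rules restricted to the LAN are the tighter form.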