LinuxQuestions.org
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   What ports shall i allow for samba? (https://www.linuxquestions.org/questions/linux-networking-3/what-ports-shall-i-allow-for-samba-283037/)

ginda 01-27-2005 05:10 PM
What ports shall i allow for samba?
 
Got samba working till i started the firewall....what ports does samba need?

jtshaw 01-27-2005 05:23 PM
137 (udp), 139 (tcp), and 445 (tcp)

Peacedog 01-27-2005 05:27 PM
I think it's 137, 138, 139, and 445.
good luck.

jtshaw 01-27-2005 05:28 PM
138 (udp) is optional.

ginda 01-28-2005 01:22 PM
Thanks all

ginda 01-28-2005 01:43 PM
Actually guys....its not mapping the share now...and it does when i disable the firewall...i have put them port numbers in the control center of suse 8.2 firewall

ginda 01-29-2005 02:50 AM
Any ideas? anyone?

jtshaw 01-29-2005 11:56 AM
Did you make sure to specify the TCP/UDP allowances? Two of the neccesary ports are TCP ports and two are UDP.

From a command line type iptables -L (you have to be root) and paste the output in a post so we can see it.

ginda 01-29-2005 02:45 PM
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
LOG all -- loopback/8 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
LOG all -- anywhere loopback/8 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- loopback/8 anywhere
DROP all -- anywhere loopback/8
LOG all -- linux.local anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- linux.local anywhere
LOG all -- linux.local anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- linux.local anywhere
input_ext all -- anywhere linux.local
input_int all -- anywhere linux.local
DROP all -- anywhere 10.10.1.255
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 10.10.1.255
DROP all -- anywhere 255.255.255.255
LOG all -- anywhere linux.local LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCESS_DENIED_INT '
DROP all -- anywhere linux.local
LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-ILLEGAL-TARGET '
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
LOG icmp -- anywhere anywhere icmp time-exceeded LOG level warning tcp-options ip-options prefix `SuSE-FW-TRACEROUTE-ATTEMPT '
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp port-unreachable
ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed
ACCEPT icmp -- anywhere anywhere icmp network-prohibited
ACCEPT icmp -- anywhere anywhere icmp host-prohibited
ACCEPT icmp -- anywhere anywhere icmp communication-prohibited
DROP icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-OUTPUT-ERROR '

Chain forward_dmz (0 references)
target prot opt source destination

Chain forward_ext (0 references)
target prot opt source destination

Chain forward_int (0 references)
target prot opt source destination

Chain input_dmz (0 references)
target prot opt source destination
LOG all -- 10.10.1.0/24 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 10.10.1.0/24 anywhere
LOG all -- 10.10.1.0/24 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 10.10.1.0/24 anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp address-mask-reply
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp type 2 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- anywhere anywhere
reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:ndmp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:ndmp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:dnp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:dnp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp dpts:1024:65535 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpts:ipcserver:65535 flags:!SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpt:ftp-data flags:!SYN,RST,ACK/SYN
ACCEPT udp -- cache1.ntli.net anywhere state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
ACCEPT udp -- cache2.ntli.net anywhere state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
DROP udp -- anywhere anywhere udp dpt:bootpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:ndmp
DROP udp -- anywhere anywhere udp dpt:ndmp
DROP udp -- anywhere anywhere udp dpt:dnp
DROP udp -- anywhere anywhere udp dpt:dnp
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- anywhere anywhere state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- anywhere anywhere

Chain input_ext (1 references)
target prot opt source destination
LOG all -- 10.10.1.0/24 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 10.10.1.0/24 anywhere
LOG icmp -- 10.10.1.0/24 anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT-SOURCEQUENCH '
ACCEPT icmp -- 10.10.1.0/24 anywhere icmp source-quench
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp address-mask-reply
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp type 2 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp dpt:netbios-ns flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:netbios-ns
LOG tcp -- anywhere anywhere tcp dpt:netbios-dgm flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:netbios-dgm
LOG tcp -- anywhere anywhere tcp dpt:netbios-ssn flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:netbios-ssn
LOG tcp -- anywhere anywhere tcp dpt:microsoft-ds flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:microsoft-ds
LOG tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:http
reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:ndmp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:ndmp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:dnp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:dnp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp dpts:1024:65535 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpts:ipcserver:65535 flags:!SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpt:ftp-data flags:!SYN,RST,ACK/SYN
ACCEPT udp -- cache1.ntli.net anywhere state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
ACCEPT udp -- cache2.ntli.net anywhere state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
DROP udp -- anywhere anywhere udp dpt:bootpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:ndmp
DROP udp -- anywhere anywhere udp dpt:ndmp
DROP udp -- anywhere anywhere udp dpt:dnp
DROP udp -- anywhere anywhere udp dpt:dnp
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- anywhere anywhere state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- anywhere anywhere

Chain input_int (1 references)
target prot opt source destination
LOG all -- 10.10.1.0/24 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 10.10.1.0/24 anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp address-mask-reply
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp type 2 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- anywhere anywhere
reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:ndmp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:ndmp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:dnp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:dnp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp dpts:1024:65535 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpts:ipcserver:65535 flags:!SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpt:ftp-data flags:!SYN,RST,ACK/SYN
ACCEPT udp -- cache1.ntli.net anywhere state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
ACCEPT udp -- cache2.ntli.net anywhere state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
DROP udp -- anywhere anywhere udp dpt:bootpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:ndmp
DROP udp -- anywhere anywhere udp dpt:ndmp
DROP udp -- anywhere anywhere udp dpt:dnp
DROP udp -- anywhere anywhere udp dpt:dnp
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- anywhere anywhere state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- anywhere anywhere

Chain reject_func (3 references)
target prot opt source destination
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable

jtshaw 01-29-2005 02:52 PM
Quote:
LOG tcp -- anywhere anywhere tcp dpt:netbios-ns flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:netbios-ns
LOG tcp -- anywhere anywhere tcp dpt:netbios-dgm flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:netbios-dgm
LOG tcp -- anywhere anywhere tcp dpt:netbios-ssn flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:netbios-ssn
LOG tcp -- anywhere anywhere tcp dpt:microsoft-ds flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:microsoft-ds
LOG tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-ACCEPT '
Exactly what I thought... you have all the ports on accept for TCP but the problem is Samba doesn't use them all as TCP ports.

netbios-ssn and microsoft-ds are TCP ports.
netbios-ns and netbios-dgm are UDP ports. I actually don't allow netbios-dgm on my network because it is optional, but you need the netbios-ns UDP port open and you don't have a rule for that.

ginda 01-29-2005 03:12 PM
how do i allow that port?

ginda 01-29-2005 03:15 PM
How do i add into the suse 8.2 yast control center because all it gives me is an expert option where i can enter port numbers but how do i specifiy what type tcp or udp etc

jtshaw 01-29-2005 03:18 PM
Code:
iptables -A INPUT -p tcp --dport netbios-ssn -j ACCEPT       
iptables -A INPUT -p tcp --dport microsoft-ds -j ACCEPT
iptables -A INPUT -p udp --dport netbios-ns -j ACCEPT
Those are the rules I use to allow Samba to work. However, if your using one of those nifty gui tools I have no idea how you are suppose to differentiate between tcp and udp ports.

ginda 01-30-2005 01:21 AM
Ok...i have seen the GUI for the linux firewall in webmin, but it looks alot more complex than i thought...do i just add the new lines via the add new chain button or do i have to edit the specific lines

jtshaw 01-30-2005 02:33 AM
I don't really know how to help you there. I just wrote my own script to purge any and all existing rules and activate the ones I wanted. iptables is pretty easy to configure by hand.


All times are GMT -5. The time now is 11:44 PM.
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page