LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-17-2009, 04:24 PM   #16
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122

Can you post "ifconfig"?
 
Old 05-16-2009, 12:39 PM   #17
NiMacTry2
LQ Newbie
 
Registered: May 2009
Posts: 2

Rep: Reputation: 0
Well i had similar issue try this

First
cat system-config-securitylevel

for Samba to go through firewall you should see

--port=137:udp
--port=138:udp
--port=139:tcp
--port=445:tcp

Your IPtables are not correct, port 137 and 445 are UDP not TCP ports! So 137 445 UDP ports should be open

add this to /etc/sysconfig/iptables (do not add after"COMMIT" line, just to let you know :-)

-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT

This should work.
 
Old 05-18-2009, 11:13 AM   #18
Sanford Stein
Member
 
Registered: Jun 2008
Location: Evanston, Illinois
Distribution: RHEL 6.4
Posts: 126

Original Poster
Rep: Reputation: 17
NiMacTry2,

Thanks for your response. I cut and pasted the 4 lines into /etc/sysconfig/iptables and restarted the iptables service but it did not change things.

# cat /etc/sysconfig/system-config-securitylevel did not list the additional ports.
And I still got a timeout when attempting to mount the samba drive from a remote client.

If I totally stop the firewall (service iptables stop) then I am able to mount the samba drive from a Windows desktop. This is not an acceptable solution, but it does tell me that the iptables rules are the problem.

(For billymayday and others who were helping me look at other things a month ago: I had reported that I had stopped the firewall and could still not connect, but the problem was the firewall on my Linux CLIENT box. When my client is a Windows box with no firewall and the firewall is stopped on the Linux client, it works.)

My /etc/sysconfig/iptables is listed here. Can you see anything I am doing wrong?

Thanks,
SS
-----------------------------------------------------------------------------------

:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
 
Old 05-18-2009, 04:21 PM   #19
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
See http://us3.samba.org/samba/docs/man/...#firewallports

Last edited by billymayday; 05-18-2009 at 04:23 PM.
 
Old 05-19-2009, 01:46 AM   #20
NiMacTry2
LQ Newbie
 
Registered: May 2009
Posts: 2

Rep: Reputation: 0
If is it allowed for to use GUI. Go to firewall settings and see if samba is checked as a allowed rule.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SAMBA on a Windows Active Directory xKintaro Linux - Networking 7 12-20-2008 11:22 PM
samba problems accesing openoffice spredsheets flyereddie Linux - Networking 4 11-24-2006 04:19 PM
Accesing a share on windows g77s80 Linux - Networking 1 05-10-2006 05:26 AM
Samba: Home directory files do not appear in windows ryan12345 Linux - Networking 1 05-14-2005 03:57 AM
samba - users can see system files etc when accesing share t3___ Linux - Software 8 01-08-2004 02:31 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:52 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration