Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I need tcp port 139 or 445 to run smb and udp ort 161 for snmp.
I tried editing /etc/sysconfig/iptables:
and adding lines:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 161 -j ACCEPT
when i run netstat -ta or netstat -l I don't see either of those two ports open....
does anyone know what I am doing wrong or if there is anything i am forgetting to add
***For Samba***
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --source 192.168.0.0/255.255.255.0 --dport 137:139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --source 192.168.0.0/255.255.255.0 --dport 137:139 -j ACCEPT
***For SNMP***
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 161 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 161 -j ACCEPT
Change the --source 192.168.0.0/255.255.255.0 to your IP network. After that just do a 'service iptables restart' and it should be good to go.
Last edited by blkcamarozr28; 11-11-2005 at 08:06 PM.
Originally posted by LAdProg2005
[B
so if my ip is 1.2.3.4 i need to say source 1.2.0.0/... ? or write the full ip....
[/B]
It depends on your subnet mask. What is your IP address and Subnet Mask? Also, if you dont want to filter smb via a source address you can just omit '--source 192.168.0.0/255.255.255.0' and it should still work.
For whatever reason when I run xprobe2 -v localhost I get this following error: or I am just not understanding and it is just running fine...
[+] Selected safe Round-Trip Time value is: 0.00034 sec
[-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
[-] fingerprint:smb need either TCP port 139 or 445 to run
[-] fingerprint:snmp: need UDP port 161 open
[+] Primary guess:
xprobe2 -v calif.dyndns.org
[+] Running scan engine
[-] ping:tcp_ping module: no closed/open TCP ports known on calif.dyndns.org. Module test failed
[-] ping:udp_ping module: no closed/open UDP ports known on calif.dyndns.org. Module test failed
[-] No distance calculation. calif.dyndns.org appears to be dead or no ports known
[+] Host: calif.dyndns.org is down (Guess probability: 0%)
the thing is, the host is up and running and it tells me its not...when i run nmap -sT and nmap -sU it gives me tcp and upd ports are running.
When i add the rules in iptables for snmp and samba and restart my iptables it starts ok. but running nmap doesn't show me those ports as open.
Are you running this server behind a Natted router (Linksys, Netgear, etc..)? If so then you need to port forward on your router to the server. Try to explain your setup better and what you are trying to do. Are you trying to access smb & snmp from the Internet or internal network?
Well, I don't exactly know what firewall school uses but I am running my centos linux server through the university's. So, there is definetly the firewall issue. smb, snmp: are used by xprobe2 for fingerprint if i run it locally it doesn't work or if I try to scan other ip's that are not within the school network.
I am just trying to run xprobe2 successfully and it gives me errors listed above.
I thought if you write the firewall rules in iptables then it should work just fine...but it doesn't seem to..
If you think its a local firewall issue on your box then disable iptables 'service iptables stop' and see if xprobe works. If it doesnt then its not a iptables issue.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.