[Samba] Re: SUSE 10.0 and firewall
Robert Schetterer
robert at schetterer.org
Thu Jan 19 14:08:01 GMT 2006
Hi,
if both samba and windows are behind a firewall , you dont need any
firewall working on samba and windows machine if you trust your intranet
otherwise you have to open the smb/cifs ports as minimum
here is typical drop table for iptables
#drops
#block smb from outside
/usr/sbin/iptables -A INPUT -p udp -i ppp0 --dport 135:139 -j DROP
/usr/sbin/iptables -A INPUT -p udp -i ppp0 --dport 445 -j DROP
/usr/sbin/iptables -A INPUT -p tcp -i ppp0 --dport 135:139 -j DROP
/usr/sbin/iptables -A INPUT -p tcp -i ppp0 --dport 445 -j DROP
so open udp/tcp 135-139 and 445 should do the samba jobs working
Regards
Oygle schrieb:
> Hi Robert,
>
> The Samba computer, and the Win XP computer that are on the LAN, both
> sit behind a firewall.
>
> So, it sounds like I don't need to have the firewall active at all on
> the Linux box. I guess because I have always had a firewall on any Win
> boxes (acting as an 'application' firewall, to enable/disable requests
> going out from various software), that I just followed that pattern
> and setup the firewall on the Linux box.
>
> (Sometimes even Firefox goes to sites like newsrss.bbc.co.uk, and I
> block that from the Win firewall, ... it just eats up bandwidth
> otherwise).
>
> So, as long as it is safe to disable the firewall completely, if that
> will fix the Samba problem, then that's okay. (Still it must just be a
> port that Samba needs to have open ?? ).
>
> Thanks for your help,
>
> Oygle
>
>
--
Mit freundlichen Gruessen
Best Regards
Robert Schetterer
robert_at_schetterer_dot_org
Munich / Bavaria / Germany
https://www.schetterer.org
More information about the samba
mailing list