Samba 2.0.0 and ipfwadm on Linux
Yan Seiner
yan at cardinalengineering.com
Wed Feb 10 11:45:14 GMT 1999
The client connects from a random unpriviledged port to 139. You need
to open your firewall for connections from 1024:65535 to 139 on the
server for tcp protocol.
If you know the name of the service, and don't need browsing, that is
the only service you need. 138 and 137 are used for browsing and name
resolution.
I've had good luck running a little identd daemon on Win32 machines, and
using tcpwrappers to restrict by user and machine who can log on.
See
http://gpu.srv.ualberta.ca/lynx/lynx/HELP/modem/ident-win.html
Yan
Martha Peter wrote:
> Hi
>
> I have a little problem with $SUBJECT. I must totally open our firewall
> to let samba be the domain controller. If i open only udp ports 137-138
> and tcp port 137-139 samba doesn't handle domain logons, i get "domain
> Controller cannot be found" errors. But this is the case when i let a
> specific client to access the samba server at any ports.
> Is it a linux (ipfwadm) problem or a samba "feature"? I also think i did
> something wrong, but any other programs work well. Thanks in advance.
>
> Peter
More information about the samba-ntdom
mailing list