[Samba] RE: firewall (solution)
Richard Fox
rfox at sbsii.com
Tue Nov 5 15:34:00 GMT 2002
I just wanted to post the ipchains rules that allowed nmblookup to work, as
well as findsmb. The security ramifications of opening the netbios ports are
something I will look into next. But, these rules will allow not only seeing
shares from NT clients but samba to act as PDC also.
-A input -p tcp -s 192.168.0.0/24 -d 0/0 137:139 -j ACCEPT
-A input -p udp -s 192.168.0.0/24 -d 0/0 137:139 -j ACCEPT
-A input -p udp -s 192.168.0.0/24 137:139 -d 0/0 1024: -j ACCEPT
resulting in (ipchains -L):
ACCEPT tcp ------ 192.168.0.0/24 anywhere any ->
netbios-ns:netbios-ssn
ACCEPT udp ------ 192.168.0.0/24 anywhere any ->
netbios-ns:netbios-ssn
ACCEPT udp ------ 192.168.0.0/24 anywhere
netbios-ns:netbios-ssn -> 1024:65535
Rich
More information about the samba
mailing list