[Samba] Samba and a firewall
Thierry TERRIER
thierry.terrier at atolltech.fr
Mon Sep 2 13:42:02 GMT 2002
Hi,
You have to open the following ports with associated protocols.
accept ... tcp destination port netbios-ssn
accept ... udp destination port netbios-ns
accept ... udp destination port netbios-dgm
Bastille firewall do that.
If you want to use smb or netbios broadcast names resolution (nmblookup),
you must add
accept ... udp source port netbios-ns
Best regards
Thierry
Bajoti Andor wrote:
>And port 135?
>
>[Samba] Samba and a firewall
>Dan Vande More dvm at gwtr.com
>Thu Aug 1 08:44:02 2002
>
>Previous message: [Samba] "FIXED PROBLEM"
>Next message: [Samba] FW: Print jobs hang in Samba, don't go to UNIX
>spooler
>Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>
>--------------------------------------------------------------------------------
>
>We have a web server in our dmz, and we block all but the ports you =
>listed as well.
>Our symptoms were similar, in that we could not do:
>
>\\webserver\apacheshare\
>
>BUT we can do:
>
>\\172.16.0.1\apacheshare\
>
>It is some kind of wins/LMHOSTS/etc issue, but it does not bother us, so
>=
>we haven't taken the time to fix it.
>
>You might see if that helps.
>
>Dan
>-----Original Message-----
>From: Adrian Ciocildau [mailto:adri_l at gmx.net]
>Sent: Thursday, August 01, 2002 9:19 AM
>To: samba at lists.samba.org
>Subject: [Samba] Samba and a firewall
>
>
>Hi guys !
>
>I have a problem and I hope I can get some help here.
>
>I want to run a Samba server on a linux firewall machine.
>This firewall allowa all the udp pachets and also icmp. The firewall =
>blocks=20
>all TCP incomming connection exept on port 22 (ssh).=20
>
>I have allowed incomming conection on 137, 138, and 139 (TCP) ports and
>=
>I=20
>stiil get an error message from windows clients. The computer appears in
>=
>the=20
>net but when I try to browse I get an error: "Network path not found !"
>
>I hope the windows machine is using only 137-139 ports to open TCP =
>connections=20
>on the samba server .....
>
>
>looking forward for your help,
>
>Adrian Ciocildau
>
>
>--
>Bajoti Andor
>Bell Telemarketing Kft.
>www.belltelemarketing.hu
>Phone: +(36) 1 4556161
>Fax: +(36) 1 4556160
>Mobile: +(36) 20 9834725
>
More information about the samba
mailing list