[Samba] Re: Redhat firewall problem...

linux power linuxpower at operamail.com
Thu May 15 22:14:08 GMT 2003


    Attached my rh 7.2 iptables firewall.
The loopback interface is a securety risk due to it open the netbios ports to the world.    

----- Original Message -----
From: "linux power" <linuxpower at operamail.com>
Date: Thu, 15 May 2003 22:55:05 +0100
To: samba at lists.samba.org
Subject: Re: [Samba] Re: Redhat firewall problem...

>     
> add this to iptables and try it.
> iptables -A INPUT -m state --state NEW -j ACCEPT
> or use --state RELATED,ESTABLISHED -j ACCEPT
> See the iptables man pages.
> 
> ----- Original Message -----
> From: North Lilly <nlilly at slis.kent.edu>
> Date: Thu, 15 May 2003 16:52:08 -0400
> To: samba at lists.samba.org
> Subject: [Samba] Re: Redhat firewall problem...
> 
> > Thanks!  That did the trick.
> > 
> > linux power wrote:
> > > I thought redhat used ipchains in lokkit, but perhaps they have changed that in newer versions. However it's the correct ports you have opened, but you must also allow access from the lan to the server. Ie. If your lan cardon the lindoze  have address 192.168.0.1
> > >  Then you must add this in ipchains.
> > > /sbin/ipchains -I input 1 -s 192.168.0.0/24 -j ACCEPT
> > > This will insert the statement as the first line in the ipchains rules.
> > > However to make it permanent you must edit the /etc/sysconfig/ipchains
> > > file and save it using /sbin/services ipchains save
> > > North Lilly <nlilly at slis.kent.edu> wrote:
> > > I've just tried setting up a Shrike (9) version of Redhat. Using the 
> > > medium settings of lokkit, then adding manually accept commands for 
> > > ports 137/udp 138/udp, 139/tcp and 445/tcp, I thought I should have been 
> > > ready to go.
> > > 
> > > This isn't the case, however. I know it's not the smb.conf settup 
> > > because when I kill iptables samba works.
> > > 
> > > When iptables IS running however, it will respond to a connect request 
> > > but not seem to accept the ID and password supplied.
> > > 
> > > What am I missing??
> > > 
> > > North Lilly
> > > 
> > > 
> > 
> > 
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
>     
> -- 
> ____________________________________________
> http://www.operamail.com
> Get OperaMail Premium today - USD 29.99/year
> 
> 
> Powered by Outblaze

    
    
-- 
____________________________________________
http://www.operamail.com
Get OperaMail Premium today - USD 29.99/year


Powered by Outblaze


More information about the samba mailing list