[Samba] Not another SAMBA through a firewall post
Mike
1100100 at gmail.com
Fri Mar 5 18:09:17 MST 2010
NAT relies on port forwarding. To do pre/post routing, I believe you
must indicate FORWARDING rules for incoming and outgoing traffic on
that port:
$IPT -t filter -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 137 --syn
-m state --state NEW -j ACCEPT
$IPT -t filter -A FORWARD -o $INTIF -i $EXTIF -p tcp --dport 137 --syn
-m state --state NEW -j ACCEPT
$IPT -t filter -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 138 --syn
-m state --state NEW -j ACCEPT
$IPT -t filter -A FORWARD -o $INTIF -i $EXTIF -p tcp --dport 138 --syn
-m state --state NEW -j ACCEPT
$IPT -t filter -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 139 --syn
-m state --state NEW -j ACCEPT
$IPT -t filter -A FORWARD -o $INTIF -i $EXTIF -p tcp --dport 139 --syn
-m state --state NEW -j ACCEPT
$IPT -t filter -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 445 --syn
-m state --state NEW -j ACCEPT
$IPT -t filter -A FORWARD -o $INTIF -i $EXTIF -p tcp --dport 445 --syn
-m state --state NEW -j ACCEPT
Do you have similar forwarding rules?
HTH,
Mike
More information about the samba
mailing list