[Samba] [Solved] Fedora 25 Samba and XP-SP3
Reindl Harald
h.reindl at thelounge.net
Mon Jun 12 12:19:00 UTC 2017
Am 12.06.2017 um 10:00 schrieb Mike Brown via samba:
> On Mon, Jun 12, 2017 at 09:51:53AM +0200, Reindl Harald via samba wrote:
>>>>> Damn firewall. By default, Samba isn't allowed to connect. Found it by
>>>>> using wireshark to look at the packets and that gave me the clue
>>>>
>>>> no need for wireshark - normally one does simply "telnet host port" before
>>>> even consider debug deeper
>>>
>>> Not sure I would have gotten the same info back. Normally it is connection
>>> refused when I do something like that. The wireshark message was more
>>> concise. Either way, it was solved
>>
>> yeah and when you get connection refused on a TCP port the service is not
>> reachable at all - it's not running or some firewall in front and hence the
>> ICMP "port unrechable" response
>
> With wireshark the response was "Destination unreachable (Host
> administratively prohibited)." The "administratively prohibited" was the
> big clue.
the big clue is can you connect to the port or not
--reject-with type
Type can be
-icmp-net-unreachable
-icmp-host-unreachable
-icmp-port-unreachable
-icmp-proto-unreachable
-icmp-net-prohibited
-icmp-host-prohibited
-icmp-admin-prohibited
"-j REJECT --reject-with icmp-admin-prohibited" could be anything from
above and is just a rule detail where the default is "icmp-port-unreachable"
More information about the samba
mailing list