[Samba] ,Re: Samba and ufw

Martin McGlensey mmcg29440 at frontier.com
Mon Feb 11 00:06:07 UTC 2019


Louis,

Tried the rules you suggested:

These work. I think that rules out any Windows problems.
ufw insert 1 allow in on enp2s5 from 192.168.254.15 to 192.168.254.39
ufw insert 2 allow in on enp2s5 from 192.168.254.39 to 192.168.254.15

These do not work.
ufw insert 1 allow in on enp2s5 proto tcp from 192.168.254.0/24 to 192.168.254.39 port 139,445
ufw insert 2 allow in on enp2s5 proto udp from 192.168.254.0/24 to 192.168.254.39 port 137,138

Adding these does not work as well.
ufw insert 1 allow in on enp2s5 proto tcp from 192.168.254.0/24 to 192.168.254.39 port 1024:1300,49152:65535
ufw insert 1 allow in on enp2s5 proto tcp from 192.168.254.39 to 192.168.254.0/24  port 1024:1300,49152:65535

No problem logging on with the firewall disabled or when enabled with the first two rules.

Tried adding port 135 mentioned in an internet search. No change.

Last part of /var/log/ufw.log:



martin at radio:~$ tail -n 30 /var/log/ufw.log
Feb 10 16:30:48 radio kernel: [ 3796.910381] [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=224.0.0.251 LEN=167 TOS=0x00 PREC=0x00 TTL=255 ID=58501 DF PROTO=UDP SPT=5353 DPT=5353 LEN=147
Feb 10 16:32:14 radio kernel: [ 3882.641181] [UFW AUDIT] IN=enp2s5 OUT= MAC=ff:ff:ff:ff:ff:ff:74:27:ea:ab:1e:e0:08:00 SRC=192.168.254.15 DST=192.168.254.255 LEN=235 TOS=0x00 PREC=0x00 TTL=128 ID=32676 PROTO=UDP SPT=138 DPT=138 LEN=215
Feb 10 16:32:36 radio kernel: [ 3904.825197] [UFW AUDIT] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=45827 DF PROTO=UDP SPT=54662 DPT=137 LEN=58
Feb 10 16:32:36 radio kernel: [ 3904.825208] [UFW ALLOW] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=45827 DF PROTO=UDP SPT=54662 DPT=137 LEN=58
Feb 10 16:32:36 radio kernel: [ 3904.825234] [UFW AUDIT] IN=enp2s5 OUT= MAC= SRC=192.168.254.39 DST=192.168.254.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=45827 DF PROTO=UDP SPT=54662 DPT=137 LEN=58
Feb 10 16:32:36 radio kernel: [ 3904.825833] [UFW AUDIT] IN=enp2s5 OUT= MAC=00:19:21:a2:11:5e:74:27:ea:ab:1e:e0:08:00 SRC=192.168.254.15 DST=192.168.254.39 LEN=90 TOS=0x00 PREC=0x00 TTL=128 ID=27398 PROTO=UDP SPT=137 DPT=54662 LEN=70
Feb 10 16:32:36 radio kernel: [ 3904.825853] [UFW BLOCK] IN=enp2s5 OUT= MAC=00:19:21:a2:11:5e:74:27:ea:ab:1e:e0:08:00 SRC=192.168.254.15 DST=192.168.254.39 LEN=90 TOS=0x00 PREC=0x00 TTL=128 ID=27398 PROTO=UDP SPT=137 DPT=54662 LEN=70
Feb 10 16:32:37 radio kernel: [ 3905.826375] [UFW AUDIT] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=45984 DF PROTO=UDP SPT=48574 DPT=137 LEN=58
Feb 10 16:32:37 radio kernel: [ 3905.826387] [UFW ALLOW] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=45984 DF PROTO=UDP SPT=48574 DPT=137 LEN=58
Feb 10 16:32:37 radio kernel: [ 3905.826411] [UFW AUDIT] IN=enp2s5 OUT= MAC= SRC=192.168.254.39 DST=192.168.254.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=45984 DF PROTO=UDP SPT=48574 DPT=137 LEN=58
Feb 10 16:32:37 radio kernel: [ 3905.826922] [UFW AUDIT] IN=enp2s5 OUT= MAC=00:19:21:a2:11:5e:74:27:ea:ab:1e:e0:08:00 SRC=192.168.254.15 DST=192.168.254.39 LEN=90 TOS=0x00 PREC=0x00 TTL=128 ID=27401 PROTO=UDP SPT=137 DPT=48574 LEN=70
Feb 10 16:32:37 radio kernel: [ 3905.826936] [UFW BLOCK] IN=enp2s5 OUT= MAC=00:19:21:a2:11:5e:74:27:ea:ab:1e:e0:08:00 SRC=192.168.254.15 DST=192.168.254.39 LEN=90 TOS=0x00 PREC=0x00 TTL=128 ID=27401 PROTO=UDP SPT=137 DPT=48574 LEN=70
Feb 10 16:32:38 radio kernel: [ 3906.828475] [UFW AUDIT] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=46172 DF PROTO=UDP SPT=60219 DPT=137 LEN=58
Feb 10 16:32:38 radio kernel: [ 3906.828485] [UFW ALLOW] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=46172 DF PROTO=UDP SPT=60219 DPT=137 LEN=58
Feb 10 16:32:38 radio kernel: [ 3906.828511] [UFW AUDIT] IN=enp2s5 OUT= MAC= SRC=192.168.254.39 DST=192.168.254.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=46172 DF PROTO=UDP SPT=60219 DPT=137 LEN=58
Feb 10 16:33:07 radio kernel: [ 3936.009704] [UFW AUDIT] IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.53 LEN=75 TOS=0x00 PREC=0x00 TTL=64 ID=17405 DF PROTO=UDP SPT=49701 DPT=53 LEN=55
Feb 10 16:33:07 radio kernel: [ 3936.009741] [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=75 TOS=0x00 PREC=0x00 TTL=64 ID=17405 DF PROTO=UDP SPT=49701 DPT=53 LEN=55
Feb 10 16:33:07 radio kernel: [ 3936.009782] [UFW AUDIT] IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.53 LEN=75 TOS=0x00 PREC=0x00 TTL=64 ID=17406 DF PROTO=UDP SPT=49701 DPT=53 LEN=55
Feb 10 16:33:07 radio kernel: [ 3936.009795] [UFW AUDIT] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.53 LEN=75 TOS=0x00 PREC=0x00 TTL=64 ID=17406 DF PROTO=UDP SPT=49701 DPT=53 LEN=55
Feb 10 16:33:07 radio kernel: [ 3936.010381] [UFW AUDIT] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.254 LEN=75 TOS=0x00 PREC=0x00 TTL=64 ID=50514 DF PROTO=UDP SPT=43870 DPT=53 LEN=55
Feb 10 16:33:07 radio kernel: [ 3936.010390] [UFW ALLOW] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.254 LEN=75 TOS=0x00 PREC=0x00 TTL=64 ID=50514 DF PROTO=UDP SPT=43870 DPT=53 LEN=55
Feb 10 16:33:08 radio kernel: [ 3937.010667] [UFW AUDIT] IN= OUT=enp2s5 SRC=192.168.254.39 DST=35.222.85.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=33228 DF PROTO=TCP SPT=40360 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Feb 10 16:33:08 radio kernel: [ 3937.010678] [UFW ALLOW] IN= OUT=enp2s5 SRC=192.168.254.39 DST=35.222.85.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=33228 DF PROTO=TCP SPT=40360 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Feb 10 16:34:23 radio kernel: [ 4012.052235] [UFW AUDIT] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=257 TOS=0x00 PREC=0x00 TTL=64 ID=52310 DF PROTO=UDP SPT=138 DPT=138 LEN=237
Feb 10 16:34:23 radio kernel: [ 4012.052245] [UFW ALLOW] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=257 TOS=0x00 PREC=0x00 TTL=64 ID=52310 DF PROTO=UDP SPT=138 DPT=138 LEN=237
Feb 10 16:34:23 radio kernel: [ 4012.052263] [UFW AUDIT] IN=enp2s5 OUT= MAC= SRC=192.168.254.39 DST=192.168.254.255 LEN=257 TOS=0x00 PREC=0x00 TTL=64 ID=52310 DF PROTO=UDP SPT=138 DPT=138 LEN=237
Feb 10 16:34:23 radio kernel: [ 4012.052308] [UFW AUDIT] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=235 TOS=0x00 PREC=0x00 TTL=64 ID=52311 DF PROTO=UDP SPT=138 DPT=138 LEN=215
Feb 10 16:34:23 radio kernel: [ 4012.052313] [UFW ALLOW] IN= OUT=enp2s5 SRC=192.168.254.39 DST=192.168.254.255 LEN=235 TOS=0x00 PREC=0x00 TTL=64 ID=52311 DF PROTO=UDP SPT=138 DPT=138 LEN=215
Feb 10 16:34:23 radio kernel: [ 4012.052331] [UFW AUDIT] IN=enp2s5 OUT= MAC= SRC=192.168.254.39 DST=192.168.254.255 LEN=235 TOS=0x00 PREC=0x00 TTL=64 ID=52311 DF PROTO=UDP SPT=138 DPT=138 LEN=215
Feb 10 16:34:29 radio kernel: [ 4017.705758] [UFW AUDIT] IN=enp2s5 OUT= MAC=ff:ff:ff:ff:ff:ff:74:27:ea:ab:1e:e0:08:00 SRC=192.168.254.15 DST=192.168.254.255 LEN=235 TOS=0x00 PREC=0x00 TTL=128 ID=32698 PROTO=UDP SPT=138 DPT=138 LEN=215
martin at radio:~$

Are we missing a port or protocol?

Regards,
Marty




More information about the samba mailing list