Re: Iptables and SAMBA - I'm going MAAAAAAAAAAAAAAAAAADDDDDDD!!!

From: Arsenio Lupin (lupiniii__SPAMMERDIMERXX_at_hotmail.com)
Date: 11/14/03

Next message: Simon Dean: "Re: Is this an MTU problem?"
Previous message: Bill Marcum: "Re: RH Linux 9 suspends application program execution for long periods"
In reply to: Arsenio Lupin: "Iptables and SAMBA - I'm going MAAAAAAAAAAAAAAAAAADDDDDDD!!!"
Next in thread: Andrew Schulman: "Re: Iptables and SAMBA - I'm going MAAAAAAAAAAAAAAAAAADDDDDDD!!!"
Reply: Andrew Schulman: "Re: Iptables and SAMBA - I'm going MAAAAAAAAAAAAAAAAAADDDDDDD!!!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Fri, 14 Nov 2003 07:57:40 GMT

Arsenio Lupin in D7Qsb.17102$9_.610964@news1.tin.it magna cum audacia dixit:

> The script works well, but it doesn't work at all with my samba share.
> (samba works perfectly if i shut down iptables)

[blablabla]

!!!!! I've found the problem .!!!!

> ### DEFAULT CHAIN ### Imposta le policy di default
> iptables -P INPUT DROP
> iptables -P FORWARD DROP
> iptables -P OUTPUT DROP
> iptables -t nat -P POSTROUTING DROP
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
is this policy that drop the packets i need.
The clients have full access to the server with the rules that follow, i
think:

[cut]
> # LAN IN ACCESS Regole che permettono l'accesso al firewall Linux
> dagli IP #della rete Interna
> iptables -A INPUT -i $INTIF_1 -s $LANIN_1 -j ACCEPT
> iptables -A INPUT -i $INTIF_2 -s $LANIN_2 -j ACCEPT
> iptables -A OUTPUT -o $INTIF_1 -d $LANIN_1 -j ACCEPT
> iptables -A OUTPUT -o $INTIF_2 -d $LANIN_2 -j ACCEPT
[cut]

That rules about SAMBA are probably useless.

> # SAMBA
> iptables -A INPUT -p udp -s $LANIN_1 -d $LANIN_1 -m multiport --dports
> 135,137,138,631 -j ACCEPT
> iptables -A INPUT -p tcp -s $LANIN_1 -d $LANIN_1 -m multiport --dports
> 135,137,138,139,445,631 -j ACCEPT
> iptables -A OUTPUT -p udp -s $LANIN_1 -d $LANIN_1 -m multiport
> --sports 135,137,138,631 -j ACCEPT
> iptables -A OUTPUT -p tcp -s $LANIN_1 -d $LANIN_1 -m multiport
> --sports 135,137,138,139,445,631 -j ACCEPT
> #iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-- 
>>>>>>>>>>>>>>><<<<<<<<<<<<<<<
Arsenio Lupin

Next message: Simon Dean: "Re: Is this an MTU problem?"
Previous message: Bill Marcum: "Re: RH Linux 9 suspends application program execution for long periods"
In reply to: Arsenio Lupin: "Iptables and SAMBA - I'm going MAAAAAAAAAAAAAAAAAADDDDDDD!!!"
Next in thread: Andrew Schulman: "Re: Iptables and SAMBA - I'm going MAAAAAAAAAAAAAAAAAADDDDDDD!!!"
Reply: Andrew Schulman: "Re: Iptables and SAMBA - I'm going MAAAAAAAAAAAAAAAAAADDDDDDD!!!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: Iptables and SAMBA - Im going MAAAAAAAAAAAAAAAAAADDDDDDD!!!
... but it doesn't work at all with my samba share. ... > (samba works perfectly if i shut down iptables) ... > # LAN IN ACCESS Regole che permettono l'accesso al firewall Linux dagli IP ... > #della rete Interna ...
(comp.os.linux.networking)
Re: Samba issue - Newbie looking for some advice
... Think this issue is due to the iptables running. ... > network neighborhood, it finds it quickly enough, ... > and states that it is a samba server. ... > But when I do this from a command line on my windows ...
(RedHat)
Re: Help: My girlfriends XP box cant see my Linux samba shares
... Mike Martin wrote: ... >I've goggle'd all over and read ten different sites for Samba conf but I'm ... Just a checkup - this should show everything is shared on your linux box. ... iptables -P FORWARD ACCEPT ...
(alt.os.linux)
Re: iptables / Samba / internet connectivity
... I assume that iptables starts when linux boots ... I can't access my samba server from my Windows ... but my windows machines can access the internet. ...
(comp.os.linux.networking)
Re: Nautilus slow to browse samba shares
... > that was for setting up a sever as a PDC. ... >> So it would seem that my Samba troubles are history, ... My iptables is part of IPCop firewall and is running on yet another Linux ...
(Fedora)