Samba help

Andrew Robinson awrobinson at cox.net
Fri Jan 9 03:01:05 UTC 2004


At 06:27 PM 1/8/2004 -0800, you wrote:
>Rick Stevens wrote:
>
>>Those first 6 rules could be rewritten as two:
>>-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 137:139 
>>-j ACCEPT
>>-A RH-Firewall-1-INPUT  -m state --state NEW -m udp -p udp --dport 
>>137:139 -j ACCEPT
>>Saves space and typing.  ;-)
>
>And since it's documented that 137 and 138 use UDP and 139 uses TCP, you 
>could save *4* more characters with:
>
>-A RH-Firewall-1-INPUT -m udp -p udp --dport 137:138 -j ACCEPT
>-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 139 -j ACCEPT
>
>Even if you want to leave the "-m state --state NEW" on the tcp-139 line, 
>I'd leave it off of the udp on general principles, and because I know it 
>works that way.

Please explain. OK, this is a request for an iptables tutorial. And BTW, 
I'm buying, but I'm still asking for the sales pitch ;).

Andrew





More information about the fedora-list mailing list