setting port ranges via Security Level GUI?

Gerald Thompson geraldt at telus.net
Fri Oct 22 09:34:14 UTC 2004


Joel wrote:

>Can it be done?
>
>If not, what do most people do when opening the netBIOS ports for samba
>(those who use samba, that is)? I assume, even though it only buys a
>speedbump, most people only open the netBIOS ports to the local net.
>
>Manual editing of /etc/sysconfig/iptables (in spite of
>system-config-securitylevel warning away from that)?
>
>Incidentally, when adding rules from the shell, I seem to have noticed
>that you can't specify multiple protocols and multiple ports in the same
>line like
>
>    iptables -A INPUT -p ALL -i eth0 -s 10.5.0.0/22 --destination-port
>137:139 -j ACCEPT
>
>Seems that -p All and --destination-port start:end conflict with each
>other. Am I imagining things?
>
>  
>
You might want to try this, though I currently have my firewall turned 
off on the Linux box.
Windows XP firewall exception for File and Printer Sharing:
TCP 139
TCP 445
UDP 137
UDP 138

I have had the win xp firewall turned on for a while and those are the 
default port assignments that ms uses for net bios, try opening those 
ports up on your Linux box and see if that works.  I would test it on 
mine, but it is tied up running a process right now.

Sincerely,
Gerald
geraldt at telus.com




More information about the fedora-list mailing list