Iptables rule for windows file sharing?
Dale Sykora
dalen at czexan.net
Fri Jan 28 22:23:14 UTC 2005
Temlakos wrote:
> On Fri, 28 Jan 2005 13:02:27 -0600, Dale Sykora <dalen at czexan.net> wrote:
>
>
>>I remember having to open port 445 also.
>>Here is what worked for me from /etc/sysconfig/iptables
>>
>>-A RH-Firewall-1-INPUT -p udp --dport 137:138 -j ACCEPT
>>-A RH-Firewall-1-INPUT -p tcp --dport 139 -j ACCEPT
>>-A RH-Firewall-1-INPUT -p tcp --dport 445 -j ACCEPT
>
>
> I just tried the above. And whenever I restart with that
> configuration, I can't see my Windows box, or my own box, at all in
> the "Networks" folder. Samba and Windows must be using some port or
> ports other than those above.
>
> And just so everyone understands, I try to limit it to just my home
> network, thus:
>
> -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -p udp --dport 137:138 -j ACCEPT
> -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -p tcp --dport 139 -j ACCEPT
> -A RH-Firewall-1-INPUT -s 192.168.1.0/24 -p tcp --dport 445 -j ACCEPT
>
> And as I say, I still don't have enough ports open.
>
> I've also tried opening all TCP and UDP ports between 135 and 139, and
> both the TCP and the UDP ports numbered 445. Still no result.
>
> Temlakos
>
Temlakos,
Sorry it didn't work. I'll try and dig up when I posted this issue to
the list many months ago. I didn't find it in my local email so I'll
check the archives. You might want to tail -f the samba log file while
testing to see if any errors show up.
Thanks,
Dale
More information about the fedora-list
mailing list