Samba and Firewall

Bob Chiodini rchiodin at bellsouth.net
Mon Mar 7 13:41:08 UTC 2005


On Mon, 2005-03-07 at 20:06 +0800, Shu Hung (Koala) wrote:
> How to turn on logging of iptables?
> 
> Koala
> 
> Bob Chiodini wrote:
> 
> >On Mon, 2005-03-07 at 12:52 +0800, Shu Hung (Koala) wrote:
> >  
> >
> >>Hello
> >>I've been working on a Samba machine for a while.
> >>Recently, I tried to turn on its firewall.
> >>But my configuration to iptables is flawed somehow -- it is half right 
> >>and half wrong.
> >>
> >>Here is what I've done:
> >> - I used system-config-securitylevel to config new ports to open
> >> - I've opened ports   139:tcp, 445:tcp, 137:udp, 138:udp
> >> - I restart the iptables to load up the configs.
> >>
> >>Here is the consequence right now:
> >> - As I reboot my client PC, I cannot connect to samba shared folders -- 
> >>unless I stop iptables first
> >> - After I've connected to Samba once, I can connect to Samba as many 
> >>times as I want to -- even if I start iptables again.
> >>
> >>I guess one more port or something is responsible for the first 
> >>connection to the server.
> >>Does anybody have any idea?
> >>
> >>-- 
> >>    
> >>
> >Try turning on logging in iptables, if it's not already.
> >Check /var/log/messages to see what is being dropped, related to your
> >client.
> >
> >Bob...
> >
> >  
> >
> 
> -- 
> Technical Support, DigitalOne Limited
> Tel: 8100-2616 / 2545-1383
> Fax: 2815-0593
> 
> 
> 

It depends on how you set up your firewall.  man iptables and search for
LOG.  You have to add a LOG rule before your REJECT or DROP rules.

Bob...
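
Added example, not part of Bob's message or the thread: a shell sketch of the rule ordering described above, which inserts a LOG rule directly before each explicit REJECT or DROP rule in an iptables-save style ruleset. The chain name `FW-INPUT`, the sample rules, the `fw-deny` prefix and the function names `sample_rules` and `add_log_rules` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Constructed iptables-save style ruleset; the chain name
# FW-INPUT and every rule in it are illustrative, not taken from the thread.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FW-INPUT - [0:0]
-A INPUT -j FW-INPUT
-A FW-INPUT -i lo -j ACCEPT
-A FW-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FW-INPUT -p tcp -m state --state NEW -m tcp --dport 139 -j ACCEPT
-A FW-INPUT -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT
-A FW-INPUT -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT
-A FW-INPUT -p udp -m state --state NEW -m udp --dport 138 -j ACCEPT
-A FW-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Read a ruleset on stdin and write it to stdout with a LOG rule placed
# directly before every REJECT or DROP rule. LOG is a non-terminating target:
# the packet is logged and then falls through to the deny rule that follows.
# A LOG rule placed after the deny rule would never see the packet.
add_log_rules() {
    awk '
    /^-A / && / -j (REJECT|DROP)( |$)/ {
        log_rule = $0
        # Keep the match criteria, swap the deny target for LOG.
        sub(/ -j (REJECT|DROP).*$/, "", log_rule)
        # $2 is the chain name; iptables limits the prefix to 29 characters.
        log_rule = log_rule " -j LOG --log-prefix \"fw-deny " $2 ": \""
        # Skip the insert when the LOG rule is already there (safe to re-run).
        if (prev != log_rule) print log_rule
    }
    { print; prev = $0 }
    '
}

sample_rules | add_log_rules
```

Only explicit deny rules are covered; a chain whose default policy is DROP has no rule line to anchor on and would need a LOG rule appended as its last rule. Review the output before loading it with iptables-restore, then search the log for the chosen prefix.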
