Samba and Firewall

Bob Chiodini rchiodin at bellsouth.net
Mon Mar 7 13:55:33 UTC 2005


On Mon, 2005-03-07 at 08:41 -0500, Bob Chiodini wrote:
> On Mon, 2005-03-07 at 20:06 +0800, Shu Hung (Koala) wrote:
> > > How do I turn on logging in iptables?
> > 
> > Koala
> > 
> > Bob Chiodini wrote:
> > 
> > >On Mon, 2005-03-07 at 12:52 +0800, Shu Hung (Koala) wrote:
> > >  
> > >
> > >>Hello
> > >>I've been working on a Samba machine for a while.
> > >>Recently, I tried to turn on its firewall.
> > >>But my iptables configuration is flawed somehow -- it is half right
> > >>and half wrong.
> > >>
> > >>Here is what I've done:
> > >> - I used system-config-securitylevel to configure the new ports to open
> > >> - I opened ports 139:tcp, 445:tcp, 137:udp, 138:udp
> > >> - I restarted iptables to load the configuration.
> > >>
> > >>Here is the consequence right now:
> > >> - After I reboot my client PC, I cannot connect to Samba shared folders --
> > >>unless I stop iptables first
> > >> - After I've connected to Samba once, I can connect to Samba as many
> > >>times as I want to -- even if I start iptables again.
> > >>
> > >>I guess one more port or something is responsible for the first
> > >>connection to the server.
> > >>Does anybody have any idea?
> > >>
> > >>-- 
> > >>    
> > >>
> > >Try turning on logging in iptables, if it's not already.
> > >Check /var/log/messages to see what is being dropped, related to your
> > >client.
> > >
> > >Bob...
> > >
> > >  
> > >
> > 
> > -- 
> > Technical Support, DigitalOne Limited
> > Tel: 8100-2616 / 2545-1383
> > Fax: 2815-0593
> > 
> > 
> > 
> 
> It depends on how you set up your firewall.  man iptables and search for
> LOG.  You have to add a LOG rule before your REJECT or DROP rules.
> 
> Bob...
> 
> 

Sorry about the reply-to-self.

Another option:  Open up your firewall and run ethereal to determine
what ports and protocols are hitting your server.  Use "host <your IP>"
as the capture filter to cut down on spurious traffic.

I tried this here and did not see anything other than TCP port 139 and
UDP port 137.  

Bob...
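What follows is an added example, not part of Bob's reply or of anything posted in this thread. It is a POSIX shell script that (a) prints iptables rules for the four Samba ports Koala opened, with the LOG rule placed before the final DROP as Bob says it has to be, and (b) parses iptables LOG lines out of /var/log/messages and counts, for one client address, which protocol/port combinations were dropped. The subnet 192.168.1.0/24, the log prefix "IPT-DROP:", the ESTABLISHED,RELATED and loopback rules, and the sample log lines are all assumptions or constructed data made for this example, not anything from the thread.

```sh
#!/bin/sh
# Added example (not code from the fedora-list thread). Two pieces:
#   samba_rules     - prints iptables commands, LOG placed before the final DROP,
#                     opening 139/tcp, 445/tcp, 137/udp, 138/udp from one LAN
#   summarize_drops - the "check /var/log/messages" step: counts PROTO/DPT of
#                     LOG lines for a given client address
# 192.168.1.0/24, the "IPT-DROP: " prefix and SAMPLE_LOG are assumptions.

# samba_rules [LAN]  -> prints the rules in the order they must be applied.
samba_rules() {
    lan="${1:-192.168.1.0/24}"   # assumed LAN; Samba is only reachable from here
    cat <<EOF
iptables -F INPUT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s $lan -p tcp -m multiport --dports 139,445 -j ACCEPT
iptables -A INPUT -s $lan -p udp -m multiport --dports 137,138 -j ACCEPT
iptables -A INPUT -m limit --limit 1/sec --limit-burst 50 -j LOG --log-prefix "IPT-DROP: " --log-level 4
iptables -A INPUT -j DROP
EOF
}
# The LOG rule must precede DROP: a packet that hits DROP never reaches a later
# rule. The limit match keeps a flood from filling /var/log/messages; drop it
# while diagnosing if you need every packet.

# Constructed sample of what the LOG target writes to /var/log/messages:
# one client (.50) sending NetBIOS broadcasts and SMB SYNs, another host (.60),
# and an unrelated sshd line that the parser must ignore.
SAMPLE_LOG='Mar  7 08:41:12 srv kernel: IPT-DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:29:3a:7b:10:08:00 SRC=192.168.1.50 DST=192.168.1.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=4321 PROTO=UDP SPT=137 DPT=137 LEN=58
Mar  7 08:41:13 srv kernel: IPT-DROP: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0c:29:3a:7b:10:08:00 SRC=192.168.1.50 DST=192.168.1.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=4322 PROTO=UDP SPT=137 DPT=137 LEN=58
Mar  7 08:41:14 srv kernel: IPT-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:00:0c:29:3a:7b:10:08:00 SRC=192.168.1.50 DST=192.168.1.10 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=4323 DF PROTO=TCP SPT=1052 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Mar  7 08:41:14 srv kernel: IPT-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:00:0c:29:3a:7b:10:08:00 SRC=192.168.1.50 DST=192.168.1.10 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=4324 DF PROTO=TCP SPT=1053 DPT=139 WINDOW=65535 RES=0x00 SYN URGP=0
Mar  7 08:41:15 srv kernel: IPT-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:00:50:56:ab:cd:ef:08:00 SRC=192.168.1.60 DST=192.168.1.10 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=9 DF PROTO=TCP SPT=40001 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  7 08:41:20 srv sshd[2211]: Accepted publickey for bob from 192.168.1.50 port 50022 ssh2'

# summarize_drops PREFIX CLIENT < logfile
# Prints "count PROTO/DPT" (or "count PROTO" when there is no port, e.g. ICMP)
# for every line carrying PREFIX whose SRC= field equals CLIENT.
summarize_drops() {
    awk -v prefix="$1" -v client="$2" '
        index($0, prefix) == 0 { next }          # not one of our LOG lines
        {
            src = proto = dpt = ""
            for (i = 1; i <= NF; i++) {           # KEY=VALUE fields, order varies
                if ($i ~ /^SRC=/)   src   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = substr($i, 7)
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            if (src != client || proto == "") next
            key = (dpt != "") ? proto "/" dpt : proto
            count[key]++
        }
        END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k2
}

# Stand-alone run: show the rules, then summarise the sample for client .50.
# On a real box: summarize_drops 'IPT-DROP:' 192.168.1.50 < /var/log/messages
samba_rules 192.168.1.0/24
printf '%s\n' "$SAMPLE_LOG" | summarize_drops 'IPT-DROP:' 192.168.1.50
```

To apply the rules, pipe the output into a root shell (samba_rules 192.168.1.0/24 | sudo sh); on a Fedora box this replaces whatever system-config-securitylevel put in the INPUT chain, so review it first. Whatever the summary lists for your client after a reboot is the traffic the firewall is dropping before the first connection, which is what Bob's LOG suggestion is meant to surface. If you take the ethereal route instead, the equivalent capture filter is "host <server IP>", and the packet list answers the same question without touching the ruleset.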






More information about the fedora-list mailing list