[luau] samba spanking
MonMotha
monmotha at indy.rr.com
Wed Sep 11 11:23:00 PDT 2002
R. Scott Belford wrote:
> Firewall. Did I mention that I had monmotha's firewall on the 7.2 boxes? I
> had enabled port 139, but, no go. Just a little while a go I decided to
> flush the chains. On the one hand, and to the dismay of about 25 users,
> this shut down the interface to all traffic. Once resolved, though, I was
> suddenly able to browse the shares, from everywhere. Ouch.
>
> Samba is a wonderful thing. It works like the proverbial charm, except for
> these rare occasions when the admin breaks it. For those of you who have
> not used it, don't let my panicked post fool you. It is rather seemless to
> use. Sorry for the wasted traffic.
>
> scott
NetBIOS name resolution works by using broadcast. This means that you
will need to allow udp port 138 (I believe, whatever netbios-ns is) from
255.255.255.255 if general broadcast is used (as opposed to the subnet
broadcast, the last address in the subnet, which is included in your
INTERNAL_LAN setting). This poses a problem similar to DHCP.
Run my script, then "iptables -I INPUT -p udp --dport 138 -i <lan
interface> -s 255.255.255.255 -j ACCEPT" should fix the problem.
--MonMotha
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 252 bytes
Desc: not available
URL: <http://lists.freesoftwarehawaii.org/pipermail/luau-freesoftwarehawaii.org/attachments/20020911/f05f2712/attachment-0001.pgp>
More information about the LUAU
mailing list