Date: Wed, 15 Nov 2006 19:10:51 +0200 From: Andrei Kolu <antik@bsd.ee> To: freebsd-pf@freebsd.org Subject: problems connecting samba shares Message-ID: <200611151910.53727.antik@bsd.ee> In-Reply-To: <d4f1333a0610131423g2bc39694rb8dea6b8a49e3b12@mail.gmail.com> References: <56217.24.161.8.173.1159492654.squirrel@mail.poklib.org> <54636.24.161.8.173.1160744143.squirrel@mail.poklib.org> <d4f1333a0610131423g2bc39694rb8dea6b8a49e3b12@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi! I am struggling here with PF firewall and just can't connect to any samba share if PF is enabled: set block-policy return set loginterface rl0 scrub in all block in log all pass out all keep state table <blacklist> persist file "/etc/blacklist" pass inet proto icmp from any to any antispoof for rl0 pass in on rl0 proto udp from any to (rl0) port 445 keep state pass in on rl0 proto udp from any to (rl0) port 137 keep state pass in on rl0 proto udp from any to (rl0) port 138 keep state pass in on rl0 proto udp from any to (rl0) port 139 keep state pass in on rl0 proto tcp from any to (rl0) port 22 keep state pass in on rl0 proto tcp from any to (rl0) port 80 keep state pass in on rl0 proto tcp from any to (rl0) port 445 keep state pass in on rl0 proto tcp from any to (rl0) port 137 keep state pass in on rl0 proto tcp from any to (rl0) port 138 keep state pass in on rl0 proto tcp from any to (rl0) port 139 keep state block on rl0 from <blacklist> to any # tcpdump -n -e -ttt -i pflog0 278062 rule 0/0(match): block in on rl0: 192.168.2.100.137 > 192.168.2.101.53259: NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; UNICAST
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611151910.53727.antik>