From owner-freebsd-stable  Sat Aug 19  2:37: 9 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from ldc.ro (ldc-gw.pub.ro [192.129.3.227])
	by hub.freebsd.org (Postfix) with SMTP id E3B1237B42C
	for <freebsd-stable@freebsd.org>; Sat, 19 Aug 2000 02:37:03 -0700 (PDT)
Received: (qmail 21208 invoked by uid 666); 19 Aug 2000 09:36:48 -0000
Date: Sat, 19 Aug 2000 12:36:47 +0300
From: Alex Popa <razor@ldc.ro>
To: "O. Hartmann" <ohartman@ipamzlx.physik.uni-mainz.de>
Cc: freebsd-stable@freebsd.org
Subject: Re: SAMBA and IP filtering
Message-ID: <20000819123647.A21179@ldc.ro>
References: <Pine.BSF.4.10.10008181157370.742-100000@ipamzlx.physik.uni-mainz.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: <Pine.BSF.4.10.10008181157370.742-100000@ipamzlx.physik.uni-mainz.de>; from ohartman@ipamzlx.physik.uni-mainz.de on Fri, Aug 18, 2000 at 12:03:24PM +0200
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, Aug 18, 2000 at 12:03:24PM +0200, O. Hartmann wrote:
> Is anybody out here who has IP filtering (IPFIREWALL) on and has still
> full SAMBA access via NT clients?
> I have the following problem: IP filtering is enabled and working well on
> our FBSD 4.1 box running samba. One of the first rules is to allow all traffic
> from and to the server via the local network, that means no restrictions. With
> many services this runs well - but not for SAMBA!
> 
> When trying to access a ip-filtering SAMBA server, I see its icon in the
> network neightborhood environment, but when clicking on its icon, I get the
> error message "Access denied, network path not found" after a while. Stopping
> Ip-filtering solves the problem, but that is not the right solution, I think.
> My question is, how to solve this problem.
> 
> Many, many thanks in advance,
> 
> 
> Gruss O. Hartmann
> -------------------------------------------------------------------
> ohartman@ipamzlx.physik.uni-mainz.de
> 
> Klimadatenserver des IPA, Universitaet Mainz
> Netzwerk- und Systembetreuung

AFAIK, the SMP protocol uses some (lots?) of broadcast packets.  If
you are filtering those, you might have the problem you described.

Disclaimer: I am not a SMB expert.

Have Fun!

------------+------------------------------------------
Alex Popa,  |There never was a good war or a bad peace
razor@ldc.ro|                   -- B. Franklin
------------+------------------------------------------
"It took the computing power of three C-64s to fly to the Moon.
It takes a 486 to run Windows 95. Something is wrong here."


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message