Date: Tue, 17 Nov 1998 15:49:37 -0500 From: Forrest Aldrich <forrie@forrie.com> To: freebsd-questions@FreeBSD.ORG Subject: Packet filters and Samba Message-ID: <4.1.19981117153643.00a8ac60@206.25.93.69>
next in thread | raw e-mail | index | archive | help
I seem to be missing something, and wonder if someone might comment. I've read through the relevant docs in Samba regarding this, and still cannot seem to get Samba to work with the ipfw enabled. If I take ipfw down, it works fine, so clearly something else needs to be addressed (no pun intended). I've tried a couple of approaches. My goal is to restrict access to my local network to these ports. However, tested with open access as well. Here's what I have now: $fwcmd add pass tcp from any to ${ip} 139 $fwcmd add pass tcp from any to ${ip} 138 $fwcmd add pass tcp from any to ${ip} 137 $fwcmd add pass udp from any 139 to ${ip} $fwcmd add pass udp from any 138 to ${ip} $fwcmd add pass udp from any 137 to ${ip} $fwcmd add pass udp from ${ip} to any 137 $fwcmd add pass udp from ${ip} to any 138 $fwcmd add pass udp from ${ip} to any 139 First problem is netbios does seem to be able to perform the lookup. I've tried enabling those features in Samba to no avail. If I enter my server's IP in LMHOSTS, I can see the machine on the list, but still cannot connect to the share. I understand that SMB broadcasts itself to the subnet address via UDP... I've sat and watched this with tcpdump. Anyhow, I'm wondering if there is something very simple that I'm overlooking... or perhaps I've run into a bug? This applies to FreeBSD-2.2.7-STABLE and FreeBSD-3.0-CURRENT... I think it's a packet filter issue rather than OS-related. Thanks in advance. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19981117153643.00a8ac60>