Date: Tue, 17 Nov 1998 15:49:37 -0500 From: Forrest Aldrich <forrie@forrie.com> To: freebsd-questions@FreeBSD.ORG Subject: Packet filters and Samba Message-ID: <4.1.19981117153643.00a8ac60@206.25.93.69>
next in thread | raw e-mail | index | archive | help
I seem to be missing something, and wonder if someone might comment.
I've read through the relevant docs in Samba regarding this, and still
cannot seem
to get Samba to work with the ipfw enabled.
If I take ipfw down, it works fine, so clearly something else needs to be
addressed (no pun intended).
I've tried a couple of approaches. My goal is to restrict access to my
local network to these ports.
However, tested with open access as well. Here's what I have now:
$fwcmd add pass tcp from any to ${ip} 139
$fwcmd add pass tcp from any to ${ip} 138
$fwcmd add pass tcp from any to ${ip} 137
$fwcmd add pass udp from any 139 to ${ip}
$fwcmd add pass udp from any 138 to ${ip}
$fwcmd add pass udp from any 137 to ${ip}
$fwcmd add pass udp from ${ip} to any 137
$fwcmd add pass udp from ${ip} to any 138
$fwcmd add pass udp from ${ip} to any 139
First problem is netbios does seem to be able to perform the lookup. I've
tried enabling those
features in Samba to no avail. If I enter my server's IP in LMHOSTS, I can
see the machine on
the list, but still cannot connect to the share.
I understand that SMB broadcasts itself to the subnet address via UDP...
I've sat and watched
this with tcpdump.
Anyhow, I'm wondering if there is something very simple that I'm
overlooking... or perhaps I've
run into a bug?
This applies to FreeBSD-2.2.7-STABLE and FreeBSD-3.0-CURRENT... I think
it's a packet filter
issue rather than OS-related.
Thanks in advance.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19981117153643.00a8ac60>