On Wed, 03.03.2004 at 20:51, Andrew Robinson wrote:
# Samba access
-A RH-Firewall-1-INPUT -m udp -p udp --dport 137:138 -j ACCEPT
-A RH-Firewall-1-INPUT -m udp -p udp --sport 137:138 -j ACCEPT
-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m udp -p udp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 1512 -j ACCEPT
-A RH-Firewall-1-INPUT -m udp -p udp --dport 1512 -j ACCEPT
I don't think all of these iptables entries are required to get Samba to work. However, this works for me.
.oO Be aware of what you open up this way! You are at high risk of opening your Samba file sharing to the whole internet. Be sure you only open those ports on your local net and not on outbound devices.
Indeed!
That's pretty much the same set I'm running on my Samba PDC (which is behind a firewall), although I can say that you do -not- need the UDP port 445 (445 only uses TCP).
Additionally, I believe you only need 1512 open if this system is the network's WINS server.
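
The warning above about opening these ports beyond the local net can be checked mechanically. The script below is an added example, not part of the original thread: it reads iptables-save style rules and reports ACCEPT rules on the thread's Samba ports that carry no source-address (-s) or inbound-interface (-i) match. The subnet 192.168.1.0/24, the interface eth1 and the function names are assumptions made for the constructed sample input.

```shell
#!/bin/sh
# Added example: flag Samba-port ACCEPT rules that are not limited to a
# source network or an inbound interface. Ports are those used in this thread.
SAMBA_PORTS="137 138 139 445 1512"

# Constructed sample: three rules from the thread, two scoped variants
# (assumed LAN 192.168.1.0/24, assumed inside interface eth1), one unrelated rule.
sample_rules() {
    cat <<'EOF'
-A RH-Firewall-1-INPUT -m udp -p udp --dport 137:138 -j ACCEPT
-A RH-Firewall-1-INPUT -m udp -p udp --sport 137:138 -j ACCEPT
-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -i eth1 -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 22 -j ACCEPT
EOF
}

# Reads rules on stdin, prints one finding per unscoped Samba ACCEPT rule.
audit_samba_rules() {
    awk -v ports="$SAMBA_PORTS" '
    BEGIN { n = split(ports, want, " ") }
    # True if a port spec ("445", "137:138", "139,445") covers a Samba port.
    function covers(spec,   parts, r, m, c, i, k, lo, hi) {
        m = split(spec, parts, ",")
        for (i = 1; i <= m; i++) {
            c = split(parts[i], r, ":")
            lo = r[1] + 0
            hi = (c == 2 ? r[2] : r[1]) + 0
            for (k = 1; k <= n; k++)
                if (want[k] + 0 >= lo && want[k] + 0 <= hi) return 1
        }
        return 0
    }
    /^-A / {
        hit = 0; scoped = 0; accept = 0; proto = "?"; spec = ""
        for (f = 1; f < NF; f++) {
            if ($f == "-p" || $f == "--protocol") proto = $(f + 1)
            if ($f ~ /^--[ds]ports?$/ && covers($(f + 1))) { hit = 1; spec = $f " " $(f + 1) }
            # A source of 0.0.0.0/0 is no restriction at all.
            if (($f == "-s" || $f == "--source") && $(f + 1) != "0.0.0.0/0") scoped = 1
            if ($f == "-i" || $f == "--in-interface") scoped = 1
            if ($f == "-j" && $(f + 1) == "ACCEPT") accept = 1
        }
        if (hit && accept && !scoped)
            printf "rule %d: %s %s accepted from any source/interface\n", NR, proto, spec
    }'
}

sample_rules | audit_samba_rules
```

On a live host the same function can be fed the saved rule file, for example `audit_samba_rules < /etc/sysconfig/iptables` on a Red Hat style system.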