On Fri, 28 Jan 2005 19:50:02 +0100 cjlesh <no-reply-gw@xxxxxxxxxxxxxxxxx> wrote > I am trying to figure out a way to allow the laptop 'see' the shared directories on the Windows machine. If I disable the Fedora firewall, it works. > > I would like to do this without disabling the firewall. > A google search turns up to following command: > > iptables -A INPUT -p ALL -i eth0 -s 192.168.0.1 --destination-port 137:139 -j ACCEPT > > however this results in an error. > > Any help on a reasonable firewall rule to allow windows share traffic on my local network only? Here's the rules for samba from my /etc/sysconfig/iptables: -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 10.0.0.0/22 --dport 137 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 10.0.0.0/22 --dport 138 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/22 --dport 139 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/22 --dport 445 -j ACCEPT I don't remember why I did that, but you could probably find it several months back in the archives. -- Joel Rees <rees@xxxxxxxxxxx> digitcom, inc. 株式会社デジコム Kobe, Japan +81-78-672-8800 ** <http://www.ddcom.co.jp> **
