On Thu, 2008-04-17 at 09:17 -0400, Claude Jones wrote: > On Thu April 17 2008, Claude Jones wrote: > > I can't declare victory. I am now networked, > > I now know how to break it. Just declare victory. It doesn't have to be total; > victory declarations, qualified, with reservations, with lots of > uselessmumbling, etc...work, too! > > Just switched over to an XP box that had been reliably browsing my Fedora box > for the past hour, and got a "can't find" error. Turned off the firewall on > Fedora, went back to the XP machine, and the connection is restored... WTF?? > > I doubt this is relevant, but here are the relevant entries in iptables: > > Chain INBOUND (1 references) > target prot opt source destination > ACCEPT tcp -- anywhere anywhere state > RELATED,ESTABLISHED > ACCEPT udp -- anywhere anywhere state > RELATED,ESTABLISHED > ACCEPT all -- 192.168.2.0/24 anywhere > ACCEPT all -- 192.168.2.1 anywhere > ACCEPT tcp -- anywhere anywhere tcp dpt:ssh > ACCEPT udp -- anywhere anywhere udp dpt:ssh > ACCEPT tcp -- anywhere anywhere tcp > dpts:6881:6889 > ACCEPT udp -- anywhere anywhere udp > dpts:6881:6889 > ACCEPT tcp -- anywhere anywhere tcp dpt:35986 > ACCEPT udp -- anywhere anywhere udp dpt:35986 > ACCEPT tcp -- 192.168.2.0/24 anywhere tcp dpt:ipp > ACCEPT udp -- 192.168.2.0/24 anywhere udp dpt:ipp > ACCEPT tcp -- 192.168.2.0/24 anywhere tcp > dpts:netbios-ns:netbios-ssn > ACCEPT udp -- 192.168.2.0/24 anywhere udp > dpts:netbios-ns:netbios-ssn > ACCEPT tcp -- 192.168.2.0/24 anywhere tcp > dpt:microsoft-ds > ACCEPT udp -- 192.168.2.0/24 anywhere udp > dpt:microsoft-ds > ACCEPT tcp -- 192.168.2.0/24 anywhere tcp dpt:sunrpc > ACCEPT udp -- 192.168.2.0/24 anywhere udp dpt:sunrpc > ACCEPT tcp -- 192.168.2.0/24 anywhere tcp dpt:nfs > ACCEPT udp -- 192.168.2.0/24 anywhere udp dpt:nfs > ACCEPT tcp -- 192.168.2.0/24 anywhere tcp dpt:domain > ACCEPT udp -- 192.168.2.0/24 anywhere udp dpt:domain > ACCEPT tcp -- anywhere anywhere tcp dpt:domain > ACCEPT udp -- anywhere anywhere udp dpt:domain > LSI all -- anywhere anywhere > *************************************** > I know there are issues in there, but, the main point is, why did it suddenly > go dark? Why did it work for a couple of hours this am, and all night, then > suddenly lose it? > *************************************** ---- you need to open ports 137 & 138 also - I think I only see 139 and 445 open, which are in essence, duplicates. It loses it because browser elections occur every 15 minutes and the 'cache' expires and then it requires the ability to poll the master browser. ---- > and there's the Samba and Selinux issue - I'm getting tons of these: ---- I'll let someone else handle the SELinux stuff Craig
