Samba and Firewall

Freeman, Peter (ERHS) Freeman.Peter at saugov.sa.gov.au
Mon Dec 9 18:51:21 CST 2002



>I've configured SAMBA service. I've defined several shares which are, 
>as expected accessible from the clients. However, after activating the 
>firewall (I need IP masquerading) clients have no access anymore to the 
>Samba service. Does anybody know how I can solve this problem.

Sounds like ports 138/139 are being blocked from your local LAN.

Check your firewall configuration to make sure that local LAN traffic is
allowed, and all external traffic is blocked except for the ports
you specifically allow.

Check the firewall logs after trying to connect to the Samba shares from
a local client, it should give you some info about what has been blocked,
and which port etc.

(Also you may want to set the "hosts allow" parameter in smb.conf to allow
only the local LAN subnet, this is a secondary security measure to the 
firewall as any external netbios traffic should be blocked there anyway.)

HTH

-- 
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.openprojects.net
To unsubscribe from the LinuxSA list:
  mail linuxsa-request at linuxsa.org.au with "unsubscribe" as the subject



More information about the linuxsa mailing list