In my quest to make SMB browsing work with the default firewall rules,
thus fixing:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=133478
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=113918
I have now written a kernel conntrack module (attached) that marks
replies to netbios name requests as RELATED to the original connection.
This means the default firewall rules will work when this module is
loaded. I'm not actually an expert in netbios or firewall stuff, so I'd
love if someone who knew this better took a look at it and made sure it
looks ok.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl(a)redhat.com alla(a)lysator.liu.se
He's an impetuous crooked stage actor on a mission from God. She's a
warm-hearted foul-mouthed opera singer from a different time and place. They
fight crime!