Samba What a struggle
Andrew Robinson
awrobinson at cox.net
Thu Mar 4 09:00:36 UTC 2004
Alexander Dalloz wrote:
> Am Mi, den 03.03.2004 schrieb Andrew Robinson um 20:51:
>
>
>># Samba access
>>-A RH-Firewall-1-INPUT -m udp -p udp --dport 137:138 -j ACCEPT
>>-A RH-Firewall-1-INPUT -m udp -p udp --sport 137:138 -j ACCEPT
>>-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 139 -j ACCEPT
>>-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 445 -j ACCEPT
>>-A RH-Firewall-1-INPUT -m udp -p udp --dport 445 -j ACCEPT
>>-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 1512 -j ACCEPT
>>-A RH-Firewall-1-INPUT -m udp -p udp --dport 1512 -j ACCEPT
>>
>>I don't think all of these iptables entries are required to get Samba to
>>work. However, this works for me.
>
>
> .oO Be aware what you open up this way! You are at high risk to open
> your samba filesharing to the whole internet. Be sure you only open
> those ports on your local net and not on outbound devices.
>
How would I restrict these entries to my local net? Do I add an "-s
192.168.1/24" to each line?
Thanks!
Andrew
More information about the users
mailing list