Iptables rule for windows file sharing?

Joel rees at ddcom.co.jp
Sat Jan 29 07:44:23 UTC 2005


On Fri, 28 Jan 2005 19:50:02 +0100
cjlesh <no-reply-gw at fcp.homelinux.org> wrote

> I am trying to figure out a way to allow the laptop to 'see' the shared directories on the Windows machine. If I disable the Fedora firewall, it works.
> 
> I would like to do this without disabling the firewall.
> A Google search turns up the following command:
> 
> iptables -A INPUT -p ALL -i eth0 -s 192.168.0.1 --destination-port 137:139 -j ACCEPT
> 
> however this results in an error.
> 
> Any help on a reasonable firewall rule to allow windows share traffic on my local network only?

Here's the rules for samba from my /etc/sysconfig/iptables:

-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 10.0.0.0/22 --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 10.0.0.0/22 --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/22 --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/22 --dport 445 -j ACCEPT

I don't remember why I did that, but you could probably find it several
months back in the archives.

--
Joel Rees   <rees at ddcom.co.jp>
digitcom, inc.   株式会社デジコム
Kobe, Japan   +81-78-672-8800
** <http://www.ddcom.co.jp> **
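
Added example, not part of the original message or of any project's code: a small linter for iptables rule lines that flags the two problems this thread turns on, a port match used without -p tcp or -p udp (as in the quoted command) and SMB/NetBIOS ports accepted without a local source restriction. The helper names (parse_opts, first, lint_rule) are hypothetical and the last sample rule is constructed.

```python
import ipaddress
import shlex

SMB_PORTS = {137, 138, 139, 445}  # NetBIOS name, datagram, session; SMB over TCP
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_opts(rule):
    """Map each option flag in a rule line to the token that follows it."""
    tok = shlex.split(rule)
    return {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}

def first(opts, *names):
    """Return the value of the first spelling of an option that is present."""
    return next((opts[n] for n in names if n in opts), None)

def lint_rule(rule):
    """Return findings for one rule; an empty list means nothing was flagged."""
    opts = parse_opts(rule)
    findings = []
    proto = (first(opts, "-p", "--protocol") or "all").lower()
    dport = first(opts, "--dport", "--destination-port")
    if dport is None:
        return findings
    # Port matching comes from the per-protocol match, so "-p ALL" cannot use it.
    if proto not in ("tcp", "udp"):
        findings.append("port match needs -p tcp or -p udp, got -p " + proto)
    lo, _, hi = dport.partition(":")          # "137:139" is a port range
    ports = set(range(int(lo), int(hi or lo) + 1))
    if first(opts, "-j", "--jump") == "ACCEPT" and ports & SMB_PORTS:
        src = first(opts, "-s", "--source", "--src")
        if src is None:
            findings.append("SMB port accepted from any source")
        elif not any(ipaddress.ip_network(src, strict=False).subnet_of(r)
                     for r in RFC1918):
            findings.append("SMB port accepted from non-RFC 1918 source " + src)
    return findings

if __name__ == "__main__":
    samples = [  # first two are from the thread, the last is constructed
        "iptables -A INPUT -p ALL -i eth0 -s 192.168.0.1 --destination-port 137:139 -j ACCEPT",
        "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/22 --dport 445 -j ACCEPT",
        "-A INPUT -p tcp --dport 445 -j ACCEPT",
    ]
    for s in samples:
        print(lint_rule(s) or "ok", "<-", s)
```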



