Iptables rule for windows file sharing?
Joel
rees at ddcom.co.jp
Sat Jan 29 07:44:23 UTC 2005
On Fri, 28 Jan 2005 19:50:02 +0100
cjlesh <no-reply-gw at fcp.homelinux.org> wrote
> I am trying to figure out a way to allow the laptop 'see' the shared directories on the Windows machine. If I disable the Fedora firewall, it works.
>
> I would like to do this without disabling the firewall.
> A google search turns up to following command:
>
> iptables -A INPUT -p ALL -i eth0 -s 192.168.0.1 --destination-port 137:139 -j ACCEPT
>
> however this results in an error.
>
> Any help on a reasonable firewall rule to allow windows share traffic on my local network only?
Here's the rules for samba from my /etc/sysconfig/iptables:
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 10.0.0.0/22 --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 10.0.0.0/22 --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/22 --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/22 --dport 445 -j ACCEPT
I don't remember why I did that, but you could probably find it several
months back in the archives.
--
Joel Rees <rees at ddcom.co.jp>
digitcom, inc. 株式会社デジコム
Kobe, Japan +81-78-672-8800
** <http://www.ddcom.co.jp> **
More information about the users
mailing list