Re: [opensuse] samba ports and SuSEfirewall2
- From: Rodney Baker <rodney.baker@xxxxxxxxxxxx>
- Date: Wed, 8 Apr 2009 18:30:28 +0930
- Message-id: <200904081830.39708.rodney.baker@xxxxxxxxxxxx>
On Wed, 8 Apr 2009 17:15:06 lynn wrote:
FWIW, the NAS uses BusyBox Linux. Not sure if I can ask questions about
that here.
Try to see with Wireshark (ex Ethereal). It is included in distro and even
in very simple configuration can tell you what is wrong.
Hi here is the wireshark output. Any idea what it means? If you have a
minute? I've no idea!
http://sierraberniaschool.com/lynn.txt
L x
Lynn,
Either the firewall is blocking broadcasts from outside (the NAS side) to
inside (the server side) or it is blocking outgoing netbios packets. The NAS
box is trying to do a netbios name query to determine the address of the
server - it is then getting no response so it tries a DNS query (which goes to
your ISP's DNS, which probably doesn't know where your server is anyway, since
it is on your internal network).
The NAS box then tries to force a browser election by claiming to be the
master browser for your network (your server 192.168.1.3 probably should be
the master browser). Apart from DNS, nowhere do I see the server responding to
the netbios name queries and (as Rajko noted elsewhere) your trace finishes
before the browser election is completed.
Does your ADSL router have a built-in firewall? If so, can I suggest that you
enable that and turn off Suse Firewall? That's how I run my network - I have
in fact 2 routers between the network and the outside world - a wireless
router/switch inside the network which talks to the DSL/VoIP modem/router that
is the interface to outside. Both of these devices have firewalls enabled
(probably a bit over the top - one would do) so I don't bother with the
software firewall (SuSE Firewall) on the server and all Windoze boxes have
their Windoze firewall turned off too.
That way, all machines talking to the server are inside the firewall and I
don't have to worry about access problems between machines (it also helps that
I'm the only user, apart from the wife very occasionally).
HTH.
Rodney.
--
===================================================
Rodney Baker VK5ZTV
rodney.baker@xxxxxxxxxxxx
===================================================
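
Added example, not part of the original message: the symptom described in the reply above (NetBIOS name queries on UDP/137 that never get a response) can be checked mechanically by pairing queries with responses by transaction ID and name. The packets, the NAS address 192.168.1.50, the workstation 192.168.1.20 and the names SERVER and NAS are constructed sample data, not taken from the trace in the thread.

```python
import struct

def encode_name(name, suffix):
    """RFC 1002 first-level encoding: 15 padded chars + suffix byte, one letter per nibble."""
    raw = name.upper().ljust(15).encode("ascii")[:15] + bytes([suffix])
    return bytes(0x41 + n for b in raw for n in (b >> 4, b & 0x0F))

def decode_name(enc):
    raw = bytes(((enc[i] - 0x41) << 4) | (enc[i + 1] - 0x41) for i in range(0, 32, 2))
    return raw[:15].decode("ascii").rstrip(), raw[15]

def parse_nbns(payload):
    """Return (txid, is_response, name, suffix) from a UDP/137 payload."""
    if len(payload) < 46 or payload[12] != 0x20:
        raise ValueError("not an NBNS name query/response")
    txid, flags = struct.unpack("!2H", payload[:4])
    name, suffix = decode_name(payload[13:45])
    return txid, bool(flags & 0x8000), name, suffix   # top flag bit = response

def unanswered(packets):
    """packets: iterable of (src_ip, payload). Return queries that never got a reply."""
    pending = {}
    for src, payload in packets:
        txid, is_resp, name, suffix = parse_nbns(payload)
        key = (txid, name, suffix)
        if is_resp:
            pending.pop(key, None)
        else:
            pending.setdefault(key, src)       # retransmissions count once
    return [(src, name, suffix) for (_, name, suffix), src in pending.items()]

def build(txid, name, suffix, answer_ip=None):
    """Construct a sample broadcast query, or a positive response if answer_ip is given."""
    qname = b"\x20" + encode_name(name, suffix) + b"\x00"
    if answer_ip is None:
        return struct.pack("!6H", txid, 0x0110, 1, 0, 0, 0) + qname + struct.pack("!2H", 0x20, 1)
    rdata = b"\x00\x00" + bytes(int(o) for o in answer_ip.split("."))
    return struct.pack("!6H", txid, 0x8500, 0, 1, 0, 0) + qname + struct.pack("!2HIH", 0x20, 1, 300, 6) + rdata

# Constructed capture: NAS asks twice for SERVER<20>, unanswered; NAS<20> query is answered.
SAMPLE = [
    ("192.168.1.50", build(0x1001, "SERVER", 0x20)),
    ("192.168.1.50", build(0x1001, "SERVER", 0x20)),
    ("192.168.1.20", build(0x2002, "NAS", 0x20)),
    ("192.168.1.50", build(0x2002, "NAS", 0x20, answer_ip="192.168.1.50")),
]

for src, name, suffix in unanswered(SAMPLE):
    print(f"{src}: no reply to name query for {name}<{suffix:02X}>")
```

A query that stays in the unanswered list while the target host is up points at filtering of UDP/137 on one side or the other, which is the diagnosis given in the reply.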