http://bugzilla.novell.com/show_bug.cgi?id=541958 Summary: Yast2 Samba Server module does not open enough in SuSEfirewall to allow traffic Classification: openSUSE Product: openSUSE 11.2 Version: Factory Platform: All OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: johanp@aditus.nu QAContact: jsrain@novell.com Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090730 SUSE/3.5.2-1.2 Firefox/3.0.7, Ant.com Toolbar 1.3 The Yast2 module for Samba Server have a tick box marked "Open ports in firewall" that gives the illusion that marking this tick box would allow Samba traffic to go through the server to the samba server. However that is not the case. Additional setting in the firewall is needed to make the samba server functional. The following additional changes are necessary in "/etc/sysconfig/SuSEfirewall2" 1) Open TCP ports 135,139 and 445 FW_SERVICES_EXT_TCP = "135 139 445" 2) Open UDP posrt 137 and 138 FW_SERVICES_EXT_UDP = "137 138" 3) Allow broadcasts FW_ALLOW_FW_BROADCAST_EXT = "yes" A configuration dialogue is needed as well since a trusted network needs to be assigned in order to browse, i.e. FW_TRUSTED_NETS, for example FW_TRUSTED_NETS="192.168.0.0/24" But this must be configured by the user so it matches the subnet that the Samba server sits on. The alternative to do these fixes is to remove the "Open ports in firewall" and ask te user to do this manually since it is broken anyway. Reproducible: Always Steps to Reproduce: 1. Eetup a Samba server via Yast2 2. 3. Expected Results: That the samba server is fully functional even with SuSEfirewall2 enabled Note: Same problem with FTP Yast2 module which I have reported separately -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.