Can you give us a closer look to your rules concerning port 135:139 than your overview? Maybe something is missing there. Is logging enabled on your firewall? And if: Can you give us a look on the rejected packets when you're trying to connect with a samba client? Regards Ralf

...

When setting samba=yes in firewall.rc.config, udp-port 137:138 is open for the whole world. I want to close these ports. But when i set samba to "no" and opening the tcp and upd ports for samba only for my internal network, it doesn't work.

...

...

you can configure samba to listen only on the internal interface. Another thing is, that you need port 139 (tcp+udp ?), too.

My configuration is: UPD 135:139 and TCP 135:139 open for internal network and samba=no in firewall.rc.config... When setting samba=yes there will be ONLY an extra rule which looks like this: $IPCHAINS -A input -j "$ACCEPT" -p udp -d 0/0 137:138 $LAA

Why doesn't work samba without this rule????

* * Ralf Koch * mailto:info@formel4.de *

Can you give us a closer look to your rules concerning port 135:139 than your overview? Maybe something is missing there. Is logging enabled on your firewall? And if: Can you give us a look on the rejected packets when you're trying to connect with a samba client? Regards Ralf

...

When setting samba=yes in firewall.rc.config, udp-port 137:138 is open for the whole world. I want to close these ports. But when i set samba to "no" and opening the tcp and upd ports for samba only for my internal network, it doesn't work.

...

...

you can configure samba to listen only on the internal interface. Another thing is, that you need port 139 (tcp+udp ?), too.

My configuration is: UPD 135:139 and TCP 135:139 open for internal network and samba=no in firewall.rc.config... When setting samba=yes there will be ONLY an extra rule which looks like this: $IPCHAINS -A input -j "$ACCEPT" -p udp -d 0/0 137:138 $LAA

Why doesn't work samba without this rule????

* * Ralf Koch * mailto:info@formel4.de *