Re: AW: [suse-security] SuSE-firewall with webserver and samba
Christian Eisendle - asut computer wrote:
Hi Birgit!
What does the logfile say?
Try to install "iptraf" (also included in the suse distribution - maybe it is already installed :)
Stop the firewall, start iptraf, choose "IP traffic monitor" and select your network interface. Now try to connect to the samba server with the server-name and look at the output of iptraf - it shows you any IP-connections. Have a look at the tcp and udp ports which are used, and include them in your firewall configuration.
HTH
Christian
Hi Christian,

thanks! iptraf shows tcp traffic on ports 139 and 445. both are already open to the trusted net in the firewall.

I've now tried to enter one specific IP address in FW_TRUSTED_NETS, rather than a block in the notation 222.222.222.0/25. With this changed setting, access works. So it seems that my FW_TRUSTED_NETS syntax was wrong after all. But what would be the right way to enter a whole block?

Confused greetings,
Birgit
> Hi Christian,

Hi!

> thanks! iptraf shows tcp traffic on ports 139 and 445. both are already open to the trusted net in the firewall.

Have you seen any UDP connections too?

> I've now tried to enter one specific IP address in FW_TRUSTED_NETS, rather than a block in the notation 222.222.222.0/25. With this changed setting, access works. So it seems that my FW_TRUSTED_NETS syntax was wrong after all. But what would be the right way to enter a whole block?

*puhh* very strange... ok, start the firewall and have a look at the following iptables-chain:

iptables -L input_ext -n

If your settings are correct, there should be a line like this:

ACCEPT tcp -- 222.222.222.0/25 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:139

You can also try to enter temporary iptables commands (SuSEfirewall2 is running of course)

iptables -I INPUT -s 222.222.222.0/25 -p tcp --dport 139 -j ACCEPT

> Birgit

HTH,
Christian
--
Christian Eisendle mailto:nospam@eisendle.net
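The chain check described in the reply above can be scripted. The following is an added example, not part of the original thread: it reads an `iptables -L input_ext -n` listing and reports whether an ACCEPT rule covers a given client address and port, which also shows that a /25 source only matches host addresses .0 to .127. The function names, the dpt:445 rule, the chain header and both client addresses are constructed for illustration.

```shell
# Added example: check an `iptables -L input_ext -n` listing for an ACCEPT
# rule that matches a given client address and TCP port.
# Dotted-quad IPv4 address -> 32-bit integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Succeed if address $1 lies inside network $2 (a.b.c.d/len or a bare host).
in_cidr() {
    case $2 in
        */*) net=${2%/*}; len=${2#*/} ;;
        *)   net=$2; len=32 ;;
    esac
    mask=$(( (4294967295 << (32 - len)) & 4294967295 ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "$net") & mask )) ]
}

# Read the listing on stdin; succeed if an ACCEPT rule for tcp with
# "dpt:<port>" has a source network that contains the client.
rule_allows() {   # usage: rule_allows <client-ip> <port> < listing
    while read -r target proto opt src dst rest; do
        [ "$target" = ACCEPT ] && [ "$proto" = tcp ] || continue
        case " $rest " in *" dpt:$2 "*) ;; *) continue ;; esac
        in_cidr "$1" "$src" && return 0
    done
    return 1
}

# Constructed sample: the dpt:139 rule is the line quoted in the thread, the
# dpt:445 rule and the chain header are assumed for illustration.
sample_listing() {
    cat <<'EOF'
Chain input_ext (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  222.222.222.0/25     0.0.0.0/0    state NEW,RELATED,ESTABLISHED tcp dpt:139
ACCEPT     tcp  --  222.222.222.0/25     0.0.0.0/0    state NEW,RELATED,ESTABLISHED tcp dpt:445
EOF
}

# Constructed client addresses: one inside 222.222.222.0/25, one outside it.
for client in 222.222.222.5 222.222.222.200; do
    for port in 139 445; do
        sample_listing | rule_allows "$client" "$port" && v=match || v="no match"
        echo "$client -> tcp/$port: $v"
    done
done
```

On a live system, replace `sample_listing` with the real output of `iptables -L input_ext -n` and pass the address of the client that cannot connect.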
participants (2)
- Birgit Kellner
- Christian Eisendle