Stepan wrote regarding 'Re: [SLE] SuSE 9.1, firewall and samba client' on Thu, Sep 09 at 11:18:
On Wed, 8 Sep 2004, Danny Sauer wrote:
Stepan wrote regarding 'Re: [SLE] SuSE 9.1, firewall and samba client' on Wed, Sep 08 at 12:06: [...]
For illustration I opened EXT, DMZ and INT for TCP port 139 and 445 and EXT, DMZ and INT for UDP port 137 and 138. I have FW__QUICKMODE="no" and I set FW_SERVICE_SAMBA="yes" (even if I don't want samba server, I need to be only client). But still get same result:

    # nmblookup -M KFY
    querying KFY on 157.218.65.255
    name_query failed to find name KFY#1d

Is there a master browser on your network?

Yes there is but I have to tell that we have not identified problems with resolving names. I always test the MS network if it was working correctly.

Are you querying a win 95 machine (which requires the -r option)?

No, usually it is a MS NT, MS 2000 or MS XP.

Is KFY a machine or domain name?

It is a workgroup.

Can you look up the name of a machine by name or IP:

    nmblookup windowsserver
    nmblookup -A 1.2.3.4

What output do you get if you run "nmblookup -d3 -M KFY"

    # nmblookup -d3 -M KFY
    lp_load: refreshing parameters
    Initialising global parameters
    params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
    Processing section "[global]"
    added interface ip=157.218.65.109 bcast=157.218.65.255 nmask=255.255.255.0
    Socket opened.
    querying KFY on 157.218.65.255
    Got a positive name query response from 157.218.65.59 ( 157.218.65.59 )
    157.218.65.59 KFY<1d>

Is this with the firewall on or off?
When this occurs then:

    # nmblookup hiden-eqp
    querying hiden-eqp on 157.218.65.255
    name_query failed to find name hiden-eqp

When I switch off FW then it works. Anything else what can be tested or viewed?

Basically, at this point I'd suggest that you fire up a sniffer on your network somewhere, and see if the broadcast is going out & if a response is being generated. Either your firewall is blocking the outgoing packet or the incoming packet, or the machine just isn't responding. Since it works without the firewall, the firewall must be the problem. Try starting the firewall, then run

    iptables -F OUTPUT
    iptables -P OUTPUT ACCEPT

See if it works. If so, then the outgoing rules aren't breaking it. Same deal with input - restart the firewall and run

    iptables -F INPUT
    iptables -P INPUT ACCEPT

If it works then, something on the input chain is blocking the response. Restart the firewall and check out the output of iptables -L. You should be able to see what the heck's blocking the traffic.

--Danny
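
The sniffer check suggested in the last message can be scripted. The following is an added example, not part of the original thread: it reads `tcpdump -n udp port 137` text captured on the client itself and reports which of the three cases applies (outgoing packet blocked, machine not responding, incoming packet blocked). The function name `nbns_verdict`, the verdict strings, the source port 32768 and the sample capture lines are constructed for illustration; the addresses are the ones shown in the thread.

```shell
#!/bin/sh
# Assumption: the capture is taken ON THE CLIENT while nmblookup fails with the
# firewall up. A local capture sees outgoing packets after the OUTPUT chain and
# incoming packets before the INPUT chain, which is what makes the verdicts valid.
nbns_verdict() {  # usage: nbns_verdict LOCAL_IP BROADCAST_IP < capture.txt
    awk -v me="$1" -v bc="$2" '
    {
        # locate the "src.port > dst.port:" triple in a tcpdump -n line
        for (i = 2; i < NF; i++) if ($i == ">") break
        if (i >= NF) next
        src = $(i-1); dst = $(i+1); sub(/:$/, "", dst)
        sport = src; sub(/.*\./, "", sport); sip = src; sub(/\.[0-9]+$/, "", sip)
        dport = dst; sub(/.*\./, "", dport); dip = dst; sub(/\.[0-9]+$/, "", dip)
        # outgoing broadcast name query: remember the source port it used
        if (sip == me && dip == bc && dport == 137) { asked[sport] = 1; sent = 1 }
        # unicast reply from port 137 to a port we queried from
        else if (dip == me && sport == 137 && (dport in asked)) got = 1
    }
    END {
        if (!sent)     print "query-not-sent"    # never left the box: look at OUTPUT
        else if (!got) print "no-reply-on-wire"  # query left, nobody answered
        else           print "reply-seen"        # reply reached the NIC: look at INPUT
    }'
}

# Constructed sample capture (not real traffic): one broadcast query, one reply.
SAMPLE='11:18:01.000001 IP 157.218.65.109.32768 > 157.218.65.255.137: UDP, length 50
11:18:01.000412 IP 157.218.65.59.137 > 157.218.65.109.32768: UDP, length 62'

printf '%s\n' "$SAMPLE" | nbns_verdict 157.218.65.109 157.218.65.255
```

A `reply-seen` verdict while nmblookup still reports `name_query failed` points at the input chain, since the reply comes back as unicast from a host other than the broadcast address the query was sent to.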