On 4/11/12 8:48 PM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2012-11-04 13:01, Otto Rodusek wrote:
Hi ListMates,
Would anyone know if it's possible to create firewall rules to allow only certain IP address to enter my Linux Server (Opensuse 12.2 x86_64) running samba (3.6.7-48.12.1.x86_64) from outside so that I can map samba shares from remote locations (windows XP). For example, I would like to ONLY allow ip address 94.90.115.82 (ports tcp 139 & 445) and drop all other ip address trying to access those ports. Actually, I have 3 remote locations so there would actually be 3 different ip addresses to define. Thanks for any help. Best regards. FW_TRUSTED_NETS="94.90.115.82,tcp,port1, 94.90.115.82,tcp,port2, \ 94.90.115.82,tcp,port3, 94.90.115.82,tcp,port4"
I don't remember the exact ports right now, but they are four. Add all the IPs in a single line, or use the backslash, although not officially supported.
- -- Cheers / Saludos,
Carlos E. R. (from 11.4 x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iF4EAREIAAYFAlCWZAsACgkQja8UbcUWM1ysggD+P/HtLlE4ZEO/HDzUtDYRwlW5 /CU+BSyzvv5mwoyNWLIA+gPcWFbatzO5W3v/vtvVnhczdcV1rotgTxXn66D4Kw0e =TyZT -----END PGP SIGNATURE----- Hi Carlos,
Thanks for the quick reply. I have made the mods to /etc/sysconfig/SuSefirewall2, I assume this is the correct place? It will remain there even after updates/upgrades or will I need to make this change every time after updates? Also, from google the ports seem to be as follows: tcp: 139, 445 and udp: 137, 138,139. I hope I got it right - will know after testing!! Thanks. Otto. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org