Mailinglist Archive: opensuse-security (195 mails)

< Previous Next >
Re: Re[2]: [suse-security] Firewall 2.0: Samba services

----- Original Message -----
From: "Stefan Schmitz" <s.schmitz@xxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Sunday, March 12, 2000 11:56 PM
Subject: Re[2]: [suse-security] Firewall 2.0: Samba services

> >> > Hello,
> >>
> >> > With Firewall 1.4 and 2.0 i have a problem:
> >>
> >> > The SuSE Firewall blocking all SAMBA pakets from my internal
network
> >> >
> >

> >> > My system has 5 Networkcards. All pakets from my local networks,
e.g. 192.168.1.0:138 -> 192.168.2.0:138, will be blocked :-((
> >>
> >> > When comes a bugfix ?
> >>
> >> > greetings
> >> > daniel
> >>
> >> hi,
> >>
> >> my settings in /etc/rc.config.d/firewall.rc.config to become full
access for
> >> samba by the internal network:
> >>
> >> FW_SERVICE_INTERNAL_TCP="... 137:139 ..."
> >> FW_SERVICE_INTERNAL_UDP="... 137:139 ..."
> >>
> >> the settings 137:139 in the udp part is responsible for resolving
> >> questions by the netbios services.
> >>
> >> in this case, there is no reason for a bugfix. (it works fine)
> >>
> >> greetings
> >> s.schmitz
>
> > That's uninteresting because i allow all services for all hosts in
my internal network:
> > --------------cut-----------------
> > FW_PROTECT_FROM_INTERNAL="no"
> > --------------cut-----------------
>
> > So well ${FW_SERVICE_INTERNAL_TCP} and ${FW_SERVICE_INTERNAL_UDP}
should be emtpy.
> > Or is that a mistake ?
>
> > greetings
> > daniel
> hmmm.....i think your fw-settings seems ok.
>
> mybe your samba configuration has fault settings or your
> there were missing kernel settings! ?
>
> on my server samba 2.05a still works fine in combination with
> firewaling (ipchains 1.4/2.0).
>
> i hope you will solve your problem soon.

Today i resived a email from marc :-) I must allow the comunication for
every internal network with:
FW_FORWARD_TCP="...." and FW_FORWARD_UDP="..."
I'm test it tomorow.

greetings
Daniel



< Previous Next >