Mailinglist Archive: opensuse-security (145 mails)

< Previous Next >
AW: [suse-security] SuSEfirewall2 blocks SMB traffic
  • From: "dadirtyluk" <news4dadirtyluk@xxxxxx>
  • Date: Sat, 27 Nov 2004 18:38:19 +0100
  • Message-id: <OGEJINKECGKMNAGMBCNGIEAECFAA.news4dadirtyluk@xxxxxx>
Hey,

If the packets are coming in on the external interface
you must allow the ports with

FW-SERVICES_EXT and not _INT

best regards

luk

-----Urspr√ľngliche Nachricht-----
Von: tmp@xxxxxxxxx [mailto:tmp@xxxxxxxxx]
Gesendet: Samstag, 27. November 2004 17:51
An: suse-security@xxxxxxxx
Betreff: [suse-security] SuSEfirewall2 blocks SMB traffic


Hi!

I do have some problems configuring SuSEfirewall2 for Samba client+server use.
My machine is connected to a router and so is other machine. Does somebody
see what I am doing wrong?

FW_QUICKMODE="no"
FW_DEV_EXT="eth-id-00:0d:87:39:28:9c"
FW_DEV_INT=""
FW_DEV_DMZ=""
FW_ROUTE="no"
FW_MASQUERADE="no"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS=""
FW_PROTECT_FROM_INTERNAL="yes"
FW_AUTOPROTECT_SERVICES="yes"
FW_SERVICES_EXT_TCP="1214 4662 6882 microsoft-ds netbios-dgm netbios-ns
netbios-ssn ssh"
FW_SERVICES_EXT_UDP=""
FW_SERVICES_EXT_IP=""
FW_SERVICES_DMZ_TCP=""
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_DMZ_IP=""
FW_SERVICES_INT_TCP="139 445"
FW_SERVICES_INT_UDP="137 138"
FW_SERVICES_INT_IP=""
FW_SERVICES_QUICK_TCP=""
FW_SERVICES_QUICK_UDP=""
FW_SERVICES_QUICK_IP=""
FW_TRUSTED_NETS=""
FW_ALLOW_INCOMING_HIGHPORTS_TCP="no"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS"
FW_SERVICE_AUTODETECT="yes"
FW_SERVICE_DNS="no"
FW_SERVICE_DHCLIENT="no"
FW_SERVICE_DHCPD="no"
FW_SERVICE_SQUID="no"
FW_SERVICE_SAMBA="yes"
FW_FORWARD=""
FW_FORWARD_MASQ=""
FW_REDIRECT=""
FW_LOG_DROP_CRIT="no"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_CRIT="no"
FW_LOG_ACCEPT_ALL="no"
FW_KERNEL_SECURITY="yes"
FW_STOP_KEEP_ROUTING_STATE="no"
FW_ALLOW_PING_FW="yes"
FW_ALLOW_PING_DMZ="no"
FW_ALLOW_PING_EXT="no"
FW_ALLOW_FW_TRACEROUTE="yes"
FW_ALLOW_FW_SOURCEQUENCH="yes"
FW_ALLOW_FW_BROADCAST="no"
FW_IGNORE_FW_BROADCAST="yes"
FW_ALLOW_CLASS_ROUTING="no"
FW_CUSTOMRULES=""
FW_REJECT="no"
FW_HTB_TUNE_DEV=""
FW_SERVICES_EXT_RPC=""
FW_SERVICES_DMZ_RPC=""
FW_SERVICES_INT_RPC=""
FW_ANTISPOOF="no"
FW_IPv6=""
FW_IPv6_REJECT_OUTGOING="yes"
FW_IPSEC_TRUST="no"
FW_LOG=""
FW_SERVICES_DROP_EXT=""
FW_SERVICES_REJECT_EXT="0/0,tcp,113"
FW_LOG_LIMIT=""


< Previous Next >
This Thread
Follow Ups
References