On Sunday 23 April 2006 14:25, Darryl Gregorash wrote:
In general:
FW_SERVICES_INT_TCP="microsoft-ds netbios-dgm netbios-ns netbios-ssn" FW_SERVICES_INT_UDP="netbios-ns"
Don't you mean FW_SERVICES_EXT_TCP AND FW_SERVICES_EXT_UDP? Also, netbios-dgm is a udp protocol.
and on any samba server:
FW_ALLOW_FW_BROADCAST_INT="netbios-ns"
Setting TRUSTED_NETS will open the ports on all network interfaces, and it is certainly not necessary to open -all- highports for UDP.
Here was my problem. SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:10:b5:8d:af:fb:00:0c:6e:63:11:af:08:00 SRC=192.168.0.2 DST=192.168.0.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=139 DF PROTO=UDP SPT=137 DPT=1028 LEN=70 Packets were being dropped because of the destination ports that were being chosen. Here you see DPT=1028, but I saw ports being randomly picked between 1024 and 1030.