From: Alex Boag-Munroe (ajbm@ntlworld.com)
Date: Fri Nov 17 2000 - 15:34:15 PST
In your samba config (I use SWAT) you need to bind Samba to a particular
network address or network interface. Left at default, it attempts to talk
to all local interfaces.
The Netbios ports ARE a security risk, so firewalling them is good.
Thanks
Alex
On Friday 17 November 2000 20:36, you wrote:
> Need some help here. . . My log file is getting spammed with the following
> entrys;
>
> Nov 17 12:01:22 dt0d4nad kernel: Packet log: input DENY eth1 PROTO=17
> 204.210.88.224:138 10.1.28.255:138 L=241 S=0x00 I=41439 F=0x0000 T=64 (#44)
> Nov 17 12:04:22 dt0d4nad kernel: Packet log: input DENY eth1 PROTO=17
> 204.210.88.224:138 10.1.28.255:138 L=241 S=0x00 I=41504 F=0x0000 T=64 (#44)
> Nov 17 12:07:22 dt0d4nad kernel: Packet log: input DENY eth1 PROTO=17
> 204.210.88.224:138 10.1.28.255:138 L=241 S=0x00 I=41577 F=0x0000 T=64 (#44)
> Nov 17 12:10:22 dt0d4nad kernel: Packet log: input DENY eth1 PROTO=17
> 204.210.56.88:224 10.1.28.255:138 L=241 S=0x00 I=41637 F=0x0000 T=64 (#44)
>
> Here's what's strange. . .*
> 10.1.28.1 -> This is my internal network (On eth1)
> 204.210.88.224 -> This is my External IP (On eth0) via DHCP from my cable
> provider.
> I get these messages every few min.
>
> So. . my box is attempting to connect with itself? This all seemed to
> start when I enabled samba so I could use the linux box as a file server on
> my internal network. Any ideas?
>
> Oh one other thing. . Samba tries to serve the external network as well.
> but PMfirewall is successfully blocking that. . however I am still looking
> for a way to tell Samba to service eth1 ONLY. Any help there would also be
> appreciated.
>
> *The IP's have been changed to protect the stupid.(me)
>
> -TIA
>
> OByte
>
>
> _________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> Share information about yourself, create your own public profile at
> http://profiles.msn.com.
>
> ***************************************************************************
>* * To UNSUBSCRIBE from the list, send a message with "unsubscribe
> pmfirewall" * in the message body to majordomo@pointman.org. Please direct
> other * questions, comments, or problems to pmfirewall-owner@pointman.org.
> *
> * Need answers fast? Check the list archive located at:
> * http://www.pointman.org/PMFirewall/list-archive/
> *
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
* Need answers fast? Check the list archive located at:
* http://www.pointman.org/PMFirewall/list-archive/
*
This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:37:53 PDT