From: raul@asmodean.net
Date: Thu Mar 08 2001 - 04:52:15 PST
Add the rule:
$IPCHAINS -A input -p tcp -s [ip of win98 machine /32] -d [ip of internal
if] 137:139 -j ACCEPT
That will do it.
Also, just as a matter of checking I would make sure you have something
like
hosts allow = [ip to allow] 127.0.0.
in your smb.conf file. This adds a little more security.
On Wed, 7 Mar 2001, Adam Lussier wrote:
> Date: Wed, 7 Mar 2001 22:56:04 -0800 (PST)
> From: Adam Lussier <alussier@home.com>
> Reply-To: pmfirewall@pointman.org
> To: pmfirewall@pointman.org
> Subject: [pmfirewall] SAMBA From External IP
>
> Howdy all.
>
> A brief description of the problem:
>
> I would like to get a machine with a static IP, outside of the local
> network, to connect to the PMFirewall machine via Samba
>
> The config:
>
> I have a Linux Box(Slackware Kernel 2.2.17) that has a static IP via our
> ISP on eth0 and is hosting a local network on eth0:1. The local address
> is 192.168.1.1. All of the machines on the 192.168.1.x network can see
> the linux box just fine.
>
> I have another machine that has a static IP assigned via our ISP running
> Win98. I would like to get this machine to see the Linux box(Samba),
> but I am not sure how to configure PMFirewall to do this.
>
> What should I add in the pmfirewall.rules.x files to allow the Win98
> machine to get through PMFirewall so it can gain access via Samaba?
>
> Side Notes:
>
> * The Win98 machine can connect to the linux box if PMFirewall is
> disabled. So I assume that Samba is setup properly.
>
> * Each time I try to connect to my linux box from the Win98 machine, the
> PMFirewall log file shows a flood of DENYs from my linux box IP address.
> I still don't understand this one?
>
> Thanks for the help!
>
> -Adam
>
> ****************************************************************************
> * To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
> * in the message body to majordomo@pointman.org. Please direct other
> * questions, comments, or problems to pmfirewall-owner@pointman.org.
> *
> * Need answers fast? Check the list archive located at:
> * http://www.pointman.org/PMFirewall/list-archive/
> *
>
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
* Need answers fast? Check the list archive located at:
* http://www.pointman.org/PMFirewall/list-archive/
*
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
* Need answers fast? Check the list archive located at:
* http://www.pointman.org/PMFirewall/list-archive/
*
This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:40:33 PDT