
Re: Iptables rule for windows file sharing?



cjlesh wrote:
Hey all:

Thanks for the replies, however none of these seem to work for me...any other ideas?

Again, when I disable the firewall I can see and access the shares, but I can't seem to find a reasonable set of firewall rules to enable this.

Any way to make this work with the system-config-securitylevel GUI?

You need to permit incoming TCP and UDP to ports 137-139 and 445. I'd restrict the source address to machines on your subnet. Some simple rules that can be inserted into your /etc/sysconfig/iptables file (assuming you're using 192.168.1.x/24 as your local network) would be:

    -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 137:139 -j ACCEPT
    -A INPUT -p udp -m udp -s 192.168.1.0/24 --dport 137:139 -j ACCEPT
    -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 445 -j ACCEPT
    -A INPUT -p udp -m udp -s 192.168.1.0/24 --dport 445 -j ACCEPT

TCP/UDP port 445 is used for Windows domain services and may not be
necessary if you're not running a Windows domain or using domain security.

As for the GUI, simply add in those ports.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens vitalstream com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-        Hard work has a future payoff. Laziness pays off now.       -
----------------------------------------------------------------------
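
The following is an added example, not part of the original message: a small audit that reads rules in `/etc/sysconfig/iptables` format and reports any ACCEPT rule for ports 137-139 or 445 that lacks the subnet restriction recommended in the reply, or that sits after a catch-all REJECT/DROP in the same chain and so can never match. The function names and the sample ruleset are constructed for illustration; it assumes numeric ports and numeric source addresses.

```python
import ipaddress
import shlex

SMB_PORTS = {137, 138, 139, 445}

def _ports(spec):
    # Expand an iptables --dport value such as "445" or "137:139".
    lo, _, hi = spec.partition(":")
    return set(range(int(lo), int(hi or lo) + 1))

def audit_smb_rules(text, local_net):
    # Return (line number, problem) for each ACCEPT rule opening SMB/NetBIOS ports.
    local = ipaddress.ip_network(local_net)
    findings, terminated = [], set()  # chains already ended by a catch-all rule
    for n, line in enumerate(text.splitlines(), 1):
        tok = shlex.split(line, comments=True)
        if len(tok) < 2 or tok[0] != "-A":
            continue
        opt = {a: b for a, b in zip(tok[2:], tok[3:]) if a.startswith("-")}
        target, dport = opt.get("-j"), opt.get("--dport")
        if dport is None:
            # A REJECT/DROP with no match options ends the chain for all traffic.
            if target in ("REJECT", "DROP") and set(opt) <= {"-j", "--reject-with"}:
                terminated.add(tok[1])
            continue
        if target != "ACCEPT" or not (_ports(dport) & SMB_PORTS):
            continue
        src = opt.get("-s") or opt.get("--source")
        if tok[1] in terminated:
            findings.append((n, "unreachable: follows a catch-all REJECT/DROP"))
        elif src is None:
            findings.append((n, "no source restriction"))
        elif not ipaddress.ip_network(src, strict=False).subnet_of(local):
            findings.append((n, "source wider than " + local_net))
    return findings

# Constructed sample in /etc/sysconfig/iptables format (not from the thread).
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 137:139 -j ACCEPT
-A INPUT -p udp -m udp --dport 137:139 -j ACCEPT
-A INPUT -p tcp -m tcp -s 192.168.0.0/16 --dport 445 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 445 -j ACCEPT
COMMIT
"""

for lineno, problem in audit_smb_rules(SAMPLE, "192.168.1.0/24"):
    print(f"line {lineno}: {problem}")
```
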

