Anne Wilson wrote:
/etc/hosts is fine. All possible connections on the lan are correctly
defined. dns resolution is via my isp, and again the IP addresses are
correctly set. That leaves the security settings, where I believe the
problem is. So, let's start with iptables. I've never worked directly with
iptables before. I use shorewall when I set up the older server, a long time
ago. /usr/share/doc/iptables... doesn't help. Does that mean that the man
pages are the only help? Googling, I suppose. Any particular documents
recommended?
do an
# iptables-save > somefile
edit somefile and put the following 4 lines "somewhere" (before the
lines that reject everything)
-A RH-Firewall-1-INPUT -p udp -m udp -s 192.168.0.0/24 --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp -s 192.168.0.0/24 --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s
192.168.0.0/24 --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s
192.168.0.0/24 --dport 445 -j ACCEPT
adjust the IP sources (the -s 192.168.0.0/24) as you need. I am assuming
that you have a rule like this:
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
then
# iptables-restore < somefile
if you're happy with that, then
# iptables-save > /etc/sysconfig/iptables
so that this survives a reboot.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
