Re: [expert] Shorewall Follies - It's drivin' me NUTS!!

[Jim C]

Well I've got the shorewall rules for samba figured out. Please correct my work if I've made any mistakes. Port 445 is the port that XP/2K use for this purpose and the website did not take XP/2K into account. Port 631 is a network printer which may be important when I get around to putting up the print server. For added security (I hope) I've added entries for smbd and nmbd in hosts.deny and hosts.allow. I'm not sure what effect this will have but hey, like I'm tryin, see. ;-)

Here's a question: Do I need to have tcpd running to get wrappers to work? I thought I heard somewhere that wrappers were handled in the kernel these days.

[root@enigma root]# cat /etc/shorewall/rules.samba.sav ACCEPT fw masq tcp 631,137,139,445 -
ACCEPT fw masq udp 631,137,138,139 -
ACCEPT masq fw tcp 631,137,139,445 -
ACCEPT masq fw udp 631,137,138,139 -
ACCEPT loc masq tcp 631,137,139,445 -
ACCEPT loc masq udp 631,137,138,139 -
ACCEPT masq loc tcp 631,137,139,445 -
ACCEPT masq loc udp 631,137,138,139 -
REJECT net masq tcp 631,137,139,445 -
REJECT net masq udp 631,137,138,139 -
REJECT net fw tcp 137,139,445 -
REJECT net fw udp 137,138,139 -
REJECT net loc tcp 631,137,139,445 -
REJECT net loc udp 631,137,138,139 -
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com