Re: [gentoo-user] Firewalling and Sambra printer.

Sun, 22 Oct 2006 17:30:18 -0700 

Pupeno wrote:
> Hello,
> I have two computers (that are involved in this problem), phoenix is my 
> Gentoo 
> workstation and desktop-1 is someone else's Windows box. Someone else happens 
> to have a printer and I don't, so, from time to time I use his printer. The 
> printer is shared, obviously, thru SMB (it's a windows box). I configured 
> CUPS to connect to it (I just used the KDE Kcontrol to configure it).
> My problem is that when I bring up my firewall (a firewall using iptables on 
> phoenix, just protecting phoenix) printing stops working. In fact, all access 
> to desxtop-1 thru smb stops working.
> The firewall is very simple, a simple stateful all-incomming-closed firewall:
> 
> # iptables -vL
> Chain INPUT (policy DROP 35510 packets, 16M bytes)
>  pkts bytes target     prot opt in     out     source               
> destination
>  329K  558M ACCEPT     all  --  lo     any     anywhere             anywhere
>   36M   54G ACCEPT     all  --  any    any     anywhere             anywhere  
>           
> state RELATED,ESTABLISHED
>     3   228 ACCEPT     icmp --  any    any     anywhere             anywhere  
>           
> icmp echo-request limit: avg 30/min burst 5
>   120  7057 ACCEPT     icmp --  any    any     anywhere             anywhere
>     1    60 ACCEPT     tcp  --  any    any     anywhere             anywhere  
>           
> tcp dpt:ssh
> 
> Chain FORWARD (policy DROP 0 packets, 0 bytes)
>  pkts bytes target     prot opt in     out     source               
> destination
> 
> Chain OUTPUT (policy ACCEPT 21M packets, 3426M bytes)
>  pkts bytes target     prot opt in     out     source               
> destination
> phoenix ~ #
> 
> Do you know why after bringing up this firewall I can't use the printer 
> anymore and/or how to solve it ?
> 
> Thank you.


Well I had a similiar issue a while back.  This is what I did and it worked:


> iptables -I INPUT 2 -p udp --dport 445 --source 192.168.0.0/24 -j ACCEPT
> iptables -I INPUT 2 -p tcp --dport 445 --source 192.168.0.0/24 -j ACCEPT
> iptables -I INPUT 2 -p udp --dport 138 --source 192.168.0.0/24 -j ACCEPT
> iptables -I INPUT 2 -p tcp --dport 138 --source 192.168.0.0/24 -j ACCEPT
> iptables -I INPUT 2 -p udp --dport 139 --source 192.168.0.0/24 -j ACCEPT
> iptables -I INPUT 2 -p tcp --dport 139 --source 192.168.0.0/24 -j ACCEPT
> iptables -I INPUT 2 -p tcp --dport 137 --source 192.168.100.0/24 -j ACCEPT
> iptables -I INPUT 2 -p udp --dport 137 --source 192.168.100.0/24 -j ACCEPT

I got that help from here:

http://forums.gentoo.org/viewtopic-p-3371796.html#3371796

Maybe that will help you some.  Oh, may need to change the ip numbers
where needed.

Dale

:-)  :-)  :-)
-- 
gentoo-user@gentoo.org mailing list

Reply via email to