Aelius Maximus wrote:

> 
> Can you give me an example about that reverse rule... or if that is
> possible to you, can you give me your working rules related to
> SAMBA/netbios ?

Here's a bundle of rules between two subnets on my wan:

$IPTABLES -A FORWARD --source cardinal.lan/24 --destination cardridg.lan/24 \
                -m multiport --protocol tcp --dports 135,netbios-ns,netbios-dgm,netbios-ssn,wins \
                -j ACCEPT
$IPTABLES -A FORWARD --destination cardinal.lan/24 --source cardridg.lan/24 \
                -m multiport --protocol tcp --dports 135,netbios-ns,netbios-dgm,netbios-ssn,wins \
                -j ACCEPT

$IPTABLES -A FORWARD --source cardinal.lan/24 --destination cardridg.lan/24 \
                -m multiport --protocol udp --dports 135,netbios-ns,netbios-dgm,netbios-ssn,wins \
                -j ACCEPT
$IPTABLES -A FORWARD --destination cardinal.lan/24 --source cardridg.lan/24 \
                -m multiport --protocol udp --dports 135,netbios-ns,netbios-dgm,netbios-ssn,wins \
                -j ACCEPT

I know that some of these are UDP, some are TCP, but I can't figure out
which should be which, so I allow both UDP and TCP on all Windows-related
ports.  (Yes, I'm sloppy).  Also, the MS KB info is hard to find
and contradicts itself.

These are forward rules; for input rules you'd have to allow both sport
and dport instead of reversing the source and destination.

--Yan

-- 
Famous first words: My, my, my, my, my!
Jason, age 16 mos, to his older sister
spam killer code kpwq1jkcsEzdx39gnkVvgycd15ayqq
(see http://www.paganini.net/ask)
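
The same FORWARD rules split by protocol, as an added example that is not part of the original message. It assumes the RFC 1001/1002 assignment (netbios-ns and netbios-dgm over UDP, netbios-ssn over TCP) and keeps 135 and wins on both protocols as in the post; the function names and the print-only default for $IPTABLES are hypothetical.

```shell
#!/bin/sh
# Added example: per-protocol version of the FORWARD rules from the post.
# Assumed mapping (RFC 1001/1002): netbios-ns and netbios-dgm use UDP,
# netbios-ssn uses TCP. 135 and wins stay on both protocols, as in the post.
# Assumption: replies to TCP sessions are accepted by a separate
# ESTABLISHED rule that the post does not show.
# Set IPTABLES to the real binary to apply; the default only prints the rules.
IPTABLES="${IPTABLES:-echo iptables}"

TCP_PORTS="135,netbios-ssn,wins"
UDP_PORTS="135,netbios-ns,netbios-dgm,wins"

# allow_one_way SRC DST: permit Windows traffic initiated from SRC towards DST,
# with each port opened only on the protocol it is assumed to use.
allow_one_way() {
    $IPTABLES -A FORWARD --source "$1" --destination "$2" \
        --protocol tcp -m multiport --dports "$TCP_PORTS" -j ACCEPT
    $IPTABLES -A FORWARD --source "$1" --destination "$2" \
        --protocol udp -m multiport --dports "$UDP_PORTS" -j ACCEPT
}

# smb_forward_rules NET_A NET_B: either subnet may initiate, so the pair of
# rules is emitted once per direction (the "reverse rule" from the thread).
smb_forward_rules() {
    allow_one_way "$1" "$2"
    allow_one_way "$2" "$1"
}

# Subnet names taken from the post.
smb_forward_rules cardinal.lan/24 cardridg.lan/24
```

Run as-is it only prints the four iptables commands, so the result can be reviewed before IPTABLES is pointed at the real binary.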
