On Saturday 23 Nov 2002 6:27 pm, Joan Tur wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hallo!
>
> I'd like to let other computers running windows to print through my samba
> shared printer, and I'm using MDK9's firewall (shorewall)... should I let
> any specific port open for them to be able to do so?? 8-?
>
> TIA
> - --
> Joan Tur. Eivissa-Spain
Yes by default shorewall will block services originating on the computer
running the firewall from both the Internet AND the local network. So you
have to open up ports137, 138, and 139 to the local network.
It is easy to configure just edit the file /etc/shorewall/rules
The bottom few lines contain which services are allowed to go between
fw - The Firewall (think of it as the centre of your computer)
net- The Internet interface
masq- An Internet connection sharing interface to the local network
loc - a Local Interface without masquerading
There are separate lines for udp and tcp protocols.
mine contains this :-
ACCEPT net fw tcp 80,25 -
ACCEPT masq fw tcp
53,80,443,25,8118,ssh,domain,bootps,http,https,137,138,139,631,imap,pop3,smtp,nntp,ntp,10000
-
ACCEPT masq fw udp
53,ssh,domain,bootps,http,https,137,138,139,631,imap,pop3,smtp,nntp,ntp,10000
-
ACCEPT fw masq tcp ssh,631,137,138,139 -
ACCEPT fw masq udp ssh,631,137,138,139 -
So Samba is allowed to operate between my masqueraded network and the
firewall, and from the firewall and the masqueraded network, but not in from
the Internet.
After editing the file restart shorewall with
service shorewall restart
HTH
derek
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
