On Tuesday 02 Sep 2003 11:32 am, Paul Kaplan wrote: > When I activated the firewall in LM9.1 I blocked the ability of my two w2k > LAN clients to see my samba server. No surprise. How can I allow the > clients (and hopefully only those clients) through the firewall? > TIA > Paul
Shorewall (as defined in the Mandrake Config) has three zones net - Internet connectio masq - A Masqueraded local network fw - The Mandrake box itself When the firewall is activated all traffic is blocked from net to fw , from net to masq, and from masq to fw. If you want to allow access from your local network to services running on the firewall (such as Samba), then edit the file /etc/shorewall/policy and make it look like this :- fw net ACCEPT fw masq ACCEPT masq net ACCEPT net all DROP info all all REJECT info Any fine tuning you require (such as opening ports to the internet) is performed in /etc/shorewall/rules So if for example you wanted local users to have access to the Samba server but not other services then instead of editing policy you would put this in rules ACCEPT masq fw tcp 137,138,139 (Ports 137,138,139 are used by Windows networking ) When you have finished shorewall restart The text files are very informative, but if you really prefer using a GUI there is one in Webmin (install webmin RPM then https://localhost:10000 in a browser ) HTH derek -- ---------------------------------- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com