On Thursday, May 24, 2001, Sam wrote:
> I've been sharing files using samba on my Mandrake 8 machine with other
> Windows PCs in my home network for a while now, and all computers can
> see one another in the network neighborhood.
>
> A few moments ago though, I ran the "Firewall" wizard in the Mandrake
> Control Panel. Now, I find that I can no longer "see" the other
> computers on the network, and vice versa. I can still ping the other
> computers though. I have verified that Samba services are definitely
> running.
>
> What could be the issue here - and how do I rectify it? Or do I need to
> disable the firewall features - and how? Thanks in advance.
It just means that your firewall is working... albeit a little too well.
=)
There are two different ways to do it:
1) As root, run /usr/sbin/InteractiveBastille which will take you
through numerous screens to configure your firewall. When it ask you
what ports you want open, just make sure the port you have samba
listening on is open (and any other services you want available). If
you run it under X, if you have the Bastille-Tk-module package
installed, it will be easier to use. After you're done, the changes are
made.
-or-
2) Also as root, edit the file /etc/Bastille/bastille-firewall.cfg and
find the following (yours may be different):
TCP_PUBLIC_SERVICES="21 22 25 80 143 443 993 3306"
UDP_PUBLIC_SERVICES="21 22 25 80 143 443 993 3306"
TCP_INTERNAL_SERVICES="21 22 25 80 143 443 993 3306 10000"
UDP_INTERNAL_SERVICES="21 22 25 80 143 443 993 3306 10000"
Add the number of your samba port to whichever one you want available.
This file is very well documented, so you might want to take a look at
what else there is. After you made all the changes that you want to
make, run "/etc/rc.d/init.d/bastille-firewall start" to make the changes
take affect (there is no need to "stop" it first... in fact, stopping it
at any time is a security risk =)
And that should do it. Good luck.
(Be sure that any other ports you want open are listed in the .cfg file
as well. Also, take a look at /etc/services to see what service listens
on what port.)
--
[EMAIL PROTECTED], ICQ#: 25370820, OpenPGP key at www.keyserver.net
1024D/39F0BBF4 2024 B7CB 10BF 6BE7 2ECE E0FD 1360 0181 39F0 BBF4
Current Linux uptime: 19 hours 12 minutes.
