Check www.samba.org under documentation for more information on network neighbourhood. It explain port 137, port 138 and port 139.
--- Kaleb Pederson <[EMAIL PROTECTED]> wrote: > Hmm... That's interesting. I started out with the > firewall blocking > everything and then slowly allowed in ports based on > what was being > logged. I did check the rest of my policy to make > sure that it wasn't > listed in a different place and it's not. > > What I have is completely functional as far as samba > is concerned, > although I should have moved port 443 to a different > section in my > policy. This server has been up and running for > quite a while using the > above iptables policy. I bet if you try it, even > with logging > everything that gets dropped/rejected you will find > that it isn't using > the other ports you mentioned. > > Anyone else have any experience with this? > > --Kaleb > > -----Original Message----- > From: Mark Brosius [mailto:[EMAIL PROTECTED]] > Sent: Friday, June 14, 2002 8:06 AM > To: Kaleb Pederson > Cc: [EMAIL PROTECTED] > Subject: RE: [Samba] ipchains question > > It looks like you still need to allow port 137 on > TCP, 138 on TCP and > 139 > on UDP. Oh, and 443 is for https. > > Mark > > On Fri, 14 Jun 2002, Kaleb Pederson wrote: > > > Here is what I use (with iptables) for incoming > requests. This is > what > > I'm currently using and believe this is all that > is required. > > > > from my iptables_policy file (using the > iptables-restore format): > > -A samba -p tcp -m tcp --dport 139 -j ACCEPT > > -A samba -p tcp -m tcp --dport 443 -j ACCEPT // > don't remember why > > 443/445 > > -A samba -p tcp -m tcp --dport 445 -j ACCEPT // > were necessary... > > -A samba -p tcp -m tcp --dport 901 -j ACCEPT // > swat > > -A samba -p udp -m udp --dport 137 -j ACCEPT > > -A samba -p udp -m udp --dport 138 -j ACCEPT > > > > --Kaleb > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] > > On Behalf Of Mark Brosius > > Sent: Friday, June 14, 2002 7:50 AM > > To: Raymond Norton > > Cc: [EMAIL PROTECTED] > > Subject: Re: [Samba] ipchains question > > > > My guess is that you need to allow NetBIOS > traffic. I think the ports > > are > > 137-139 for TCP and UDP. You might want to allow > NetBIOS traffic on > > your > > LAN but do not allow it to go past your firewall > to the internet. > > > > Mark > > > > On Fri, 14 Jun 2002, Raymond Norton wrote: > > > > > I have a couple questions that I will submit > separately. When I have > > > IPchains running I can't get my samba box to > show up in network > > > neighborhood, but when I turn ipchains off the > box shows up. What > > rules do > > > I need to add for things to work properly? > > > > > > -- > > > Raymond Norton > > > Little Crow Telemedia Network > > > 320-234-0270 > > > > > > > > > > > > > > > > > > > > > -- > To unsubscribe from this list go to the following > URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba