I've tried to log dropped packets, but on a big network there are too many to sort out. In putting conditions on the logging, I've found that the dropped packets do not have a source address of an individual machine, or a unicast address, or a broadcast address. I know something is being dropped in the PREROUTING chain because the OUTPUT chain can be changed to ACCEPT without any help.
I have noted this in the log: rpc_server/srv-spoolss_nt.c:spoolss_connect_to_client unable to connect to SMB server on machine <NAME>. Error was : SUCCESS - 0. In Samba 3.0.2a, what is "srv-spoolss_nt.c" attempting to do on the network? It seems there should be an "official" set of iptables rules someplace! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba