[Firehol-support] Problem with Samba

Nicolas Blanco slainer68 at slainerweb.net
Thu May 20 14:09:41 BST 2004


Hi all!

I'm new to FireHOL and firewalling on Linux.

Thanks to FireHOL tutorial I was able to create my first Firewall script and 
it seems to work very good. My configuration is simple :
one PC on Linux that is connected on the internet (ppp0) and one PC on Windows 
(eth0).

But I have a problem with SAMBA.

Everytime I want to connect to my Windows computer with Samba I get :

May 20 14:20:48 pcfixe IN-home:IN=eth0 OUT= 
MAC=00:50:bf:d7:d1:a0:00:a0:cc:df:0b:ba:08:00 SRC=192.168.0.2 DST=192.168.0.1 
LEN=90 TOS=0x00 PREC=0x00 TTL=128 ID=9463 PROTO=UDP SPT=137 DPT=33434 LEN=70
May 20 14:20:48 pcfixe IN-home:IN=eth0 OUT= 
MAC=00:50:bf:d7:d1:a0:00:a0:cc:df:0b:ba:08:00 SRC=192.168.0.2 DST=192.168.0.1 
LEN=90 TOS=0x00 PREC=0x00 TTL=128 ID=9464 PROTO=UDP SPT=137 DPT=33434 LEN=70
May 20 14:20:48 pcfixe IN-home:IN=eth0 OUT= 
MAC=00:50:bf:d7:d1:a0:00:a0:cc:df:0b:ba:08:00 SRC=192.168.0.2 DST=192.168.0.1 
LEN=90 TOS=0x00 PREC=0x00 TTL=128 ID=9469 PROTO=UDP SPT=137 DPT=33434 LEN=70


My configuration script is :

version 5

home_ip="192.168.0.1/24"

server_amule_ports="tcp/14662 udp/14672"
client_amule_ports="default"

interface eth0 home src "${home_ip}"
policy reject
server  "samba icmp"    accept
client  "samba icmp"    accept

interface ppp0 internet src not "${home_ip} ${UNROUTABLE_IPS}"
protection strong 10/sec 10
server ident reject with tcp-reset
client all accept
server emule accept
server amule accept

router internet2home inface ppp0 outface eth0
                masquerade reverse
                client all      accept
                server ident    reject with tcp-reset


Thank you very much if you have any idea.

Nicolas.




More information about the Firehol-support mailing list