Network problems

Boggess Rod rboggess at tenovacore.com
Mon Dec 27 16:12:08 UTC 2010 

>On 12/23/2010 12:21 PM, Tom H wrote:
>> On Thu, Dec 23, 2010 at 3:45 AM, Lucio M
Nicolosi<lmnicolosi at gmail.com>
>wrote:
>>> On Wed, Dec 22, 2010 at 5:14 PM, Bill Stanley<bstanle at wowway.com>
>wrote:
>>>>
>>>> I'm not certain if I am running two firewalls.  I assume I am
because I
>>>> know I installed the gufw firewall on the computer that doesn't
respond
>>>> to a ping.   I assume that Unbuntu installs a firewall by default.
If
>>>> so what is its name because I don't see any evidence of it.  This
is
>the
>>>> first firewall I assume I have.  If there isn't one, then I have
gufw
>only.
>>>>
>>>>   The strange thing is that I use the unaffected computer to do a
port
>>>> scan (using the system/administration/network tools) and can get
some
>>>> output back from the affected computer.
>>>>
>>>> The output of the port scan (from the unaffected computer) is...
>>>>
>>>> PORT  STATE  SERVICE
>>>> 111   open   sunprc
>>>> 2049  open   nfs
>>>> 40837 open   unknown
>>>> 45314 open   unknown
>>>> 50038 open   unknown
>>>>
>>>> When I do a port scan from the affected computer (of its port
status i
>>>> get...
>>>>
>>>> Port   State   service
>>>> 111    open    sunprc
>>>> 2049   open    nfs
>>>> 40837  open    unknown
>>>> 45314  open    unknown
>>>> 50038  open    unknown
>>>> 52826  open    unknown
>>>>
>>>> I am somewhat concerned about the open ports with an unknown
service.
>>>> Is there any way to get more information about those services?
>>>>
>>>> I notice that the unaffected computer can see the nfs service
running
>on
>>>> the affected computer.  If I can see the nfs service running, what
must
>>>> be done to share files using the nfs service.
>>>
>>> Although Ubuntu comes loaded with iptables, the core of any
firewall,
>>> if no rules are set it "doesn't work". Gufw is just a graphic
>>> interface to iptables that enables easy handling of rules. I don't
>>> have Gufw installed right now and I can't remember if it can disable
>>> ping requests, (anyway, yours is probably unconfigured) like some
DSL
>>> routers can do.
>>
>> For the sake of future googlers: it isn't that the firewall doesn't
>> work on a default Ubuntu install, it's that there are no rules
loaded;
>> gufw is a graphical front-end of ufw, which is itself a front-end
>> (with rule syntax similar to one of the BSDs) to iptables.
>>
>> So having both ufw and gufw doesn't mean that you have two firewalls
>> installed and if you don't enable ufw (through the CLI or GUI) or
>> write or load some rules with iptables you won't have a firewall
>> running.
>>
>> I don't see any samba ports in your output above. Are you sure that
>> you have samba running? How did you set up the shares?
>>
>> For nfs, you must have it installed. To export a directory, you have
>> to edit "/etc/exports".
>>
>
>I think you misunderstand my problem.  If I understand samba correctly,
>it is for connection a windows machine to a Linux machine.  I can't get
>two Linux machines (both running Unbuntu) to communicate.  If I am
>right, samba is not needed but nfs is needed.  After I get the two to
>communicate I will attempt to add my third computer which is a Windows
>machine.  Of course to do that samba will be needed but for the moment
>it should not be needed.
>
>The problem might not be a firewall problem.  Then again, I really
don't
>know which is why I am asking for help.
>
>
>

Rather draconic, but how bad would it be for you to reinstall on the
machine with the firewall and start over? There's just too much going on
here for anything more than random guesses. You might start off by
installing samba and getting that to work without the firewall. Once you
have ALL the machines, Linux AND Windows, communicating with the samba
shares, THEN start on the next single piece, say the firewall. That way,
if something stops working, you'll at least know what caused it. (It
sounds like the nfs is not needed, since samba can be used by both Linux
and Windows; since nfs will create some odd file locking that will cause
issues if you share the same files and directories on smb, let's try and
avoid that option unless we have no choice.)

Right now, you can't ping and we can't guess if that's because you have
SNMP Echo (also known as ping) blocked on port 7 (udp and tcp), because
the firewall (or two which you may or may not have running) have
disabled SNMP Echo replies, or because there's a network
mis-configuration. Even if we do figure out ping, doing so doesn't
necessarily imply that the problem is directly related to accessing
samba shares (on port 139 tcp).

More information about the ubuntu-users mailing list