open iptables to connect as client to windows network

NoOp glgxg at sbcglobal.net
Thu May 24 19:44:24 UTC 2012


On 05/24/2012 09:14 AM, oxy wrote:
>> Don't remove "--state NEW" and use the following:
> 
>> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
>> -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
>> -A OUTPUT -p udp -m udp --dport 137 -m state --state NEW -j ACCEPT
>> -A OUTPUT -p udp -m udp --dport 138 -m state --state NEW -j ACCEPT
>> -A OUTPUT -p tcp -m tcp --dport 139 -m state --state NEW -j ACCEPT
>> -A OUTPUT -p tcp -m tcp --dport 445 -m state --state NEW -j ACCEPT
> 
> It doesn't work for me. As soon as I activate this configuration the Windows
> network gets blocked for me  :-/
> 
> Does it work for you?
> 

Or you could simplify it and use ufw - it has a prebuilt samba profile:

$ sudo ufw allow from 192.168.1.0/24 to any app samba
(of course, replace 192.168.1.0/24 with your network)
$ sudo ufw enable
$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To                         Action      From
--                         ------      ----
137,138/udp (Samba)        ALLOW IN    192.168.1.0/24
139,445/tcp (Samba)        ALLOW IN    192.168.1.0/24

ufw default profiles:
$ sudo ufw app list
Available applications:
  CUPS
  OpenSSH
  Samba

If you want to allow samba from any network:

$ sudo ufw allow samba
Rule added

$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To                         Action      From
--                         ------      ----
137,138/udp (Samba)        ALLOW IN    Anywhere

<https://help.ubuntu.com/community/UFW>
<https://help.ubuntu.com/12.04/serverguide/firewall.html>
<http://manpages.ubuntu.com/manpages/precise/en/man8/ufw.8.html>

And, of course, if you'd prefer to use a GUI:
https://help.ubuntu.com/community/Gufw
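
An added example, not part of the original message: a shell function that reads `ufw status verbose` output like the two listings above and prints every Samba port rule (137, 138, 139 or 445) that is allowed in from Anywhere rather than from a specific network. The function name `samba_open_rules` and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag Samba rules in `ufw status verbose` output that are
# open to any source. Function name and sample listings are constructed.

samba_open_rules() {
    # Reads ufw status output on stdin; prints the port spec of each
    # "ALLOW IN" rule covering a Samba port whose source is Anywhere.
    awk '
        # Rule rows start after the "--   ------   ----" separator line.
        /^-- / { in_rules = 1; next }
        !in_rules || NF == 0 { next }
        {
            # First field looks like "137,138/udp"; drop the protocol part.
            split($1, pp, "/")
            n = split(pp[1], ports, ",")
            samba = 0
            for (i = 1; i <= n; i++)
                if (ports[i] ~ /^(137|138|139|445)$/) samba = 1
            # Matches "Anywhere" and "Anywhere (v6)" sources alike.
            if (samba && $0 ~ /ALLOW IN +Anywhere/) print $1
        }
    '
}

# Constructed sample: Samba limited to the local subnet.
SAMPLE_SCOPED='Status: active
Default: deny (incoming), allow (outgoing)

To                         Action      From
--                         ------      ----
137,138/udp (Samba)        ALLOW IN    192.168.1.0/24
139,445/tcp (Samba)        ALLOW IN    192.168.1.0/24'

# Constructed sample: Samba open to every source, next to an SSH rule.
SAMPLE_OPEN='Status: active
Default: deny (incoming), allow (outgoing)

To                         Action      From
--                         ------      ----
137,138/udp (Samba)        ALLOW IN    Anywhere
139,445/tcp (Samba)        ALLOW IN    Anywhere
22/tcp                     ALLOW IN    Anywhere'

printf '%s\n' "$SAMPLE_SCOPED" | samba_open_rules   # prints nothing
printf '%s\n' "$SAMPLE_OPEN" | samba_open_rules     # prints both Samba rows
```

On a live system the same check is `sudo ufw status verbose | samba_open_rules`.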