open iptables to connect as client to windows network
Tom H
tomh0665 at gmail.com
Thu May 24 21:35:17 UTC 2012
On Thu, May 24, 2012 at 3:44 PM, NoOp <glgxg at sbcglobal.net> wrote:
> On 05/24/2012 09:14 AM, oxy wrote:
>>>
>>> Don't remove "--state NEW" and use the following:
>>>
>>> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
>>> -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
>>> -A OUTPUT -p udp -m udp --dport 137 -m state --state NEW -j ACCEPT
>>> -A OUTPUT -p udp -m udp --dport 138 -m state --state NEW -j ACCEPT
>>> -A OUTPUT -p tcp -m tcp --dport 139 -m state --state NEW -j ACCEPT
>>> -A OUTPUT -p tcp -m tcp --dport 445 -m state --state NEW -j ACCEPT
>>
>> It doesnt work for me. As soon as i activate this configuration the windows
>> network gets blocked for me :-/
>>
>> Does it work for you?
>
> Or you could simplify it and use ufw - it has a prebuilt samba profile:
>
> $ sudo ufw allow from 192.168.1.0/24 to any app samba
> (of course, replace 192.168.1.0/24 with your network)
> $ sudo ufw enable
> $ sudo ufw status verbose
> Status: active
> Logging: on (low)
> Default: deny (incoming), allow (outgoing)
> New profiles: skip
>
> To Action From
> -- ------ ----
> 137,138/udp (Samba) ALLOW IN 192.168.1.0/24
> 139,445/tcp (Samba) ALLOW IN 192.168.1.0/24
>
> ufw default profiles:
> $ sudo ufw app list
> Available applications:
> CUPS
> OpenSSH
> Samba
>
> If you want to allow samba from any network:
>
> $ sudo ufw allow samba
> Rule added
>
> $ sudo ufw status verbose
> Status: active
> Logging: on (low)
> Default: deny (incoming), allow (outgoing)
> New profiles: skip
>
> To Action From
> -- ------ ----
> 137,138/udp (Samba) ALLOW IN Anywhere
These ufw commands will result in the same iptables rules but they're
certainly simpler to type!
(Did you miss a line in your last copy-and-paste?)
More information about the ubuntu-users
mailing list