Samba driving me nuts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Trying to get into the forums at FedoraForums.org, where this question
should be asked, but despite several attempts, I don't get registered.
So...I'll ask the question here.

I have samba up and running on F7 in a dual-boot mode.  On one side is
Windows XP (where I'm trying to move from) and on the other side is F7
(where I'm moving to). Elsewhere on my internal network (192.168.1.0) is
a Windows XP laptop.  The laptop can browse to a share on the Windows
side of the desktop machine A-OK (\\desk\data using the 'dave' login on
the laptop). 

Once I have samba up and running, I'll move all the data files in
\\desk\data to a linux partition and mount it under /mnt on F7. It will
then be available to the Windows XP laptop and a Windows XP guest
running in VMWare on top of F7.  At least that is the plan.

Samba is set up on the F7 machine for user authentication with encrypted
passwords, and I've created a samba user, using the same name and
password as the one on the Windows laptop (dave). I've touched three
files (test 1 test 2 test3) in /mnt/winxp as targets for experimenting.

While logged in as 'dave' on the F7 machine, I can browse to the three
files with smbclient //localhost/winxp -U dave (after supplying the unix
password for dave) I can also get to them through Nautilus by mapping a
share to \\localhost\winxp (again after supplying a user name and
password).

However, I cannot see \\desk\winxp from the laptop. Since I can see
these shares through localhost, I would have assumed that it would work
from the laptop.

I've purchased and read significant sections of the O'Reilly book on
samba.  I've purchased and read significant sections out of the new
Fedora 7 Bible. I followed the guidance in the F7 Bible to set up samba
so far. I've downloaded and read a number of samba How-To and other
samba problem related files...including some associated with selinux and
iptables.  I avoided using the /home directory because of the selinux
warnings about doing so. So, I've done my homework, but still can't
figure out why I can see this share through 'lo' but not across the
network.

I thought the problem may be with iptables, so here is the default
iptables-default file created when I built the box, added samba, and
then adjusted the server and firewall settings to start samba and allow
it through the firewall:

# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j
ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT


Dave McGuffey
Principal Information System Security Engineer // NSA-IEM, NSA-IAM
SAIC, IISBU, Columbia, MD


-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux