On Wed, 31 Dec 2003 09:16:06 -0600 "Rigler, Steve" <SRigler@xxxxxxxxxxxxxxx> wrote: > It's been some time since I setup iptables to allow for samba > connections, but I remember something about having to allow > connections from hosts where the source port is 137:139. > > Something like: > iptables -I INPUT -p tcp -m tcp --sport 137:139 -j ACCEPT > iptables -I INPUT -p udp -m udp --sport 137:139 -j ACCEPT > > The "-I" should cause the rules to be followed prior to any > reject rules. > This is a tremendously insecure set of rules. It means that all an attacker has to do is use port 137 to generate his packets and he can attach to any port on your machine! Also, it appears that the problem for the OP actually isn't iptables related. Sean -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
