On Wed, 2003-12-31 at 10:16, Rigler, Steve wrote:
Something like:
iptables -I INPUT -p tcp -m tcp --sport 137:139 -j ACCEPT
iptables -I INPUT -p udp -m udp --sport 137:139 -j ACCEPT
Actually, you only need 137:138 udp and 139 tcp for normal SMB usage. And Sean is absolutely correct, your ruleset should match destination
port, not source port. It's not *anything like* what you posted. ;-)
This is true. You need udp 137,138 and tcp 139. General rules on setting rules: :)
1. Sniff traffic to see what kind of communication you have on what ports.
2. Use iptables logging to see what packets get dropped.
Real rules:
iptables -A INPUT -d <local_ip_address> -i <local_interface> -p tcp --dport 139 -j ACCEPT
iptables -A INPUT -d <local_ip_address> -i <local_interface> -p udp --dport 137:139 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
Before you use them read the manual. This should take care of your problems.
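Added example, not part of the original thread: step 2 of the advice above (use iptables logging to see what gets dropped), as a shell script that tallies LOG lines by protocol and destination port. The "INPUT-DROP: " log prefix, the function names and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: tally iptables LOG lines by protocol and destination port.
# Assumes a LOG rule ahead of the final drop; the prefix is a made-up label:
#   iptables -A INPUT -j LOG --log-prefix "INPUT-DROP: "
export LC_ALL=C   # stable sort order regardless of locale

# Constructed sample kernel log lines (not taken from the thread).
sample_log() {
cat <<'EOF'
Dec 31 10:20:01 fw kernel: INPUT-DROP: IN=eth0 OUT= SRC=192.168.1.20 DST=192.168.1.10 LEN=78 TTL=128 PROTO=UDP SPT=137 DPT=137 LEN=58
Dec 31 10:20:03 fw kernel: INPUT-DROP: IN=eth0 OUT= SRC=192.168.1.21 DST=192.168.1.10 LEN=78 TTL=128 PROTO=UDP SPT=137 DPT=137 LEN=58
Dec 31 10:20:04 fw kernel: INPUT-DROP: IN=eth0 OUT= SRC=192.168.1.20 DST=192.168.1.255 LEN=229 TTL=128 PROTO=UDP SPT=138 DPT=138 LEN=209
Dec 31 10:20:09 fw kernel: INPUT-DROP: IN=eth0 OUT= SRC=192.168.1.20 DST=192.168.1.10 LEN=48 TTL=128 PROTO=TCP SPT=1045 DPT=139 WINDOW=16384 SYN
Dec 31 10:20:12 fw kernel: INPUT-DROP: IN=eth0 OUT= SRC=192.168.1.20 DST=192.168.1.10 LEN=48 TTL=128 PROTO=TCP SPT=1046 DPT=139 WINDOW=16384 SYN
Dec 31 10:20:18 fw kernel: INPUT-DROP: IN=eth0 OUT= SRC=192.168.1.21 DST=192.168.1.10 LEN=48 TTL=128 PROTO=TCP SPT=1047 DPT=139 WINDOW=16384 SYN
Dec 31 10:21:00 fw kernel: INPUT-DROP: IN=eth0 OUT= SRC=192.168.1.30 DST=192.168.1.10 LEN=60 TTL=64 PROTO=TCP SPT=4000 DPT=23 WINDOW=5840 SYN
Dec 31 10:21:05 fw kernel: INPUT-DROP: IN=eth0 OUT= SRC=192.168.1.20 DST=192.168.1.10 LEN=90 TTL=128 PROTO=UDP SPT=137 DPT=1026 LEN=70
Dec 31 10:21:09 fw kernel: INPUT-DROP: IN=eth0 OUT= SRC=192.168.1.30 DST=192.168.1.10 LEN=84 TTL=64 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
EOF
}

# Print "COUNT PROTO/DPT", most frequent first.
# Lines without a DPT field (e.g. ICMP) are skipped.
summarise_drops() {
    grep 'INPUT-DROP: ' |
    sed -n 's|.* PROTO=\([A-Z]*\) .* DPT=\([0-9]*\).*|\1/\2|p' |
    sort | uniq -c | awk '{ print $1, $2 }' | sort -k1,1nr -k2,2
}

# Count logged packets aimed at the SMB ports named in the thread:
# udp 137 and 138, tcp 139, matched on destination port.
smb_drop_count() {
    summarise_drops |
    awk '$2 == "UDP/137" || $2 == "UDP/138" || $2 == "TCP/139" { n += $1 }
         END { print n + 0 }'
}

sample_log | summarise_drops
echo "SMB packets logged: $(sample_log | smb_drop_count)"
```

The constructed line with SPT=137 and DPT=1026 is tallied under UDP/1026 rather than as SMB service traffic, which shows that a source-port match and a destination-port match select different packets.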