Firewall Problem with Samba

Hi, I’m trying to get samba working on openSUSE 11 with KDE4.1.

Previously, with 10.3, I used the following tutorial to open the proper ports on the firewall to allow samba to work, and it worked perfectly

How To Samba With Suse 10.3 And Windows X.

However, with 11, the ports don’t seem to be opening. I’m sure it’s the firewall, because if I disable it, I can browse the network fine.

Thanks

Open TCP ports 135, 139 and 445 using FW_SERVICES_EXT_TCP
Open UDP ports 137 and 138 using FW_SERVICES_EXT_UDP
Allow broadcasts on high ports by setting FW_ALLOW_FW_BROADCAST_EXT to yes
Open Trusted Network for your subnet, for example if youir IP is 10.0.7.33 then open the network 10.0.7.0/24 as a trusted network using FW_TRUSTED_NETS

That will more than cover it.

beardo41186 wrote:

>
> Hi, I’m trying to get samba working on openSUSE 11 with KDE4.1.
>
> Previously, with 10.3, I used the following tutorial to open the proper
> ports on the firewall to allow samba to work, and it worked perfectly
>
> ‘How To Samba With Suse 10.3 And Windows X’
> (http://www.tweakhound.com/linux/samba/page_5.htm).
>
> However, with 11, the ports don’t seem to be opening. I’m sure it’s the
> firewall, because if I disable it, I can browse the network fine.
>
>
> Thanks
>
>
Beardo;

These are the Samba ports:

Port 135/TCP - used by smbd
Port 137/UDP - used by nmbd
Port 138/UDP - used by nmbd
Port 139/TCP - used by smbd
Port 445/TCP - used by smbd

In addition to these ports you must allow Broadcasts. Outgoing messages may be
sent on Ports 1024+ but it is wise to block incoming high ports.

P. V.
“We have met the enemy an he is us” Pogo

Rather than opening the high ports, it is safer I believe to substitute this condition: FW_ALLOW_FW_BROADCAST_EXT –> yes or even safer to use not “yes” but instead the ports 137 138 ties it right down securely. I’ve edited my earlier reply for that tighter specification.

No I can’t edit it – it’s locked – bother – the OP will just have to take pot luck.

draga au wrote:

>
> PV;1850158 Wrote:
>> beardo41186 wrote:
>>
>> >
>> > Hi, I’m trying to get samba working on openSUSE 11 with KDE4.1.
>> >
>> > Previously, with 10.3, I used the following tutorial to open the
>> proper
>> > ports on the firewall to allow samba to work, and it worked perfectly
>> >
<snip>
>> >
>> Beardo;
>>
<snip>
>> –
>> P. V.
>> “We have met the enemy an he is us” Pogo
>
> Rather than opening the high ports, it is safer I believe to substitute
> this condition: FW_ALLOW_FW_BROADCAST_EXT → yes or even safer to use
> not “yes” but instead the ports 137 138 ties it right down securely.
> I’ve edited my earlier reply for that tighter specification.
>
<snip>

Some additional information for you.

Swerdna has written a very good how-to that is specific to Suse. You should
check out this link. It will give you detailed instructions on configuring
your Firewall.

http://www.swerdna.net.au/linux.html

His HOW-TOs are well written an easy to follow.


P. V.
“We have met the enemy an he is us” Pogo

Wow, thanks a lot.

It turns out I had forgotten to add the ip addresses I needed.

Odd though, I didn’t have to that in 10.2 or 10.3

Anyway, thanks again