samba: unreachable - admin prohibited

["Dermot Paikkos" <dermot@sciencephoto.com>]

Hi 

SYS: redhat fedora 4, samba 3.0.14a-2

This is the first time I have had trouble configuring samba but I am 
completely stuck.

I have a basic smb.conf (see below) and testparm says it's fine. The 
path to the one share exists and the permissions a 0777. However no 
clients can reach it. Unix smbclient can not access it:

[root]# smbclient -L polaris
Error connecting to 194.200.237.132 (No route to host)
Connection to polaris failed

Windows clients says permission denied and the network path was not 
found. NT4 server-manager sees the server but can't reach it. net rpc 
join fails with "Unable to find a suitable server"

tcpdump reports: 
"unreachable - admin prohibited" when I listen on the interface for 
incoming traffic from a client.

I can ping the server from other hosts (by hostname if the host has 
the server in its hosts file or by IP otherwise) but I am pretty sure 
this is a network/access problem.

The one area I am not sure about is the firewall. I left this enabled 
during the install of redhat. The iptables are listed at the end of 
this mail. portscan shows 139 running with netbios-ssn so I am not 
sure if this means traffic is allowed through or not.

Does anyone have any ideas?
Thanx.
Dp.



============== iptables ================
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     ipv6-crypt--  anywhere             anywhere
ACCEPT     ipv6-auth--  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp 
dpt:5353
ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state 
RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state 
NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            state 
NEW tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            state 
NEW tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            state 
NEW tcp dpt:smtp
REJECT     all  --  anywhere             anywhere            reject-
with icmp-host-prohibited

=============== End iptables ============

=======smb.conf ==========
[global]
workgroup = mygroup
server string =  132
netbios name = polaris
#hosts allow = 196.218.237.128/255.255.255.128
printcap name = /etc/printcap
#load printers = yes
cups options = raw
guest account = samba
log file = /var/log/samba/%m.log
max log size = 50
security = domain
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
default case = lower
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = yes
[share]
   comment = scanning drive
   path = /data/share
   public = yes
   writable = yes
   create mask = 0777
   browseable = yes
=============== end of smb.conf ==========