From: "Leonardo Rodrigues Magalhães" <leolistas@solutti.com.br>
To: Eial Czerwacki <eial@cs.bgu.ac.il>
Cc: netfilter@vger.kernel.org
Subject: Re: iptables block samba or not?
Date: Mon, 21 Jan 2008 23:52:38 -0200 [thread overview]
Message-ID: <47954C66.2000603@solutti.com.br> (raw)
In-Reply-To: <200801212233.m0LMXQqO006594@indigo.cs.bgu.ac.il>
[-- Attachment #1: Type: text/plain, Size: 1432 bytes --]
Eial Czerwacki escreveu:
> hello to all.
> I have a strange issue with iptables an samba, I've added samba's ports to iptables and tried to connect to my local network but it isnt
> working, it seems that iptables is blocking samba. here are my iptables rules:
>
>
iptables is NOT blocking samba. YOUR rules are blocking samba traffic.
> the ports are open and they receiving packages but the policy accept total is showing 0.
>
It's pretty obvious that nothing is going to reach your default
policy ACCEPT rule ... you have a last one REJECT rule that matches 0/0
all protocols. So, EVERYTHING will match your REJECT rule and, thus,
never reach ACCEPT default policy one.
> how can I open them? what port or rule did I missed?
>
i dont have a clue .... get yourself a LOG rule before the final
REJECT and watch for the LOGged rejected traffic .....
> one more thing, is there a way to sent multiple source addresses to one rule?
>
i think that can be acchieved using ipset stuff. But that's not
completly easy ... i have never searched for that. When I need multiple
sources, i get multiple rules ....
but seems ipset can do the job.
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertrudes@solutti.com.br
My SPAMTRAP, do not email it
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/x-pkcs7-signature, Size: 5589 bytes --]
next prev parent reply other threads:[~2008-01-22 1:52 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-21 22:33 iptables block samba or not? Eial Czerwacki
2008-01-22 1:52 ` Leonardo Rodrigues Magalhães [this message]
2008-01-23 22:00 ` Dzianis Kahanovich
2008-01-24 20:16 ` mouss
2008-01-24 20:17 ` Eial Czerwacki
2008-01-24 21:13 ` mouss
2008-01-24 21:37 ` Martijn Lievaart
2008-01-25 10:40 ` Eial Czerwacki
2008-01-25 11:49 ` mouss
2008-01-25 13:35 ` Eial Czerwacki
2008-01-25 13:42 ` mouss
2008-01-25 14:27 ` Eial Czerwacki
2008-01-25 15:15 ` mouss
2008-01-25 16:02 ` Eial Czerwacki
2008-01-25 16:13 ` mouss
2008-01-25 16:53 ` Eial Czerwacki
2008-01-25 19:02 ` Martijn Lievaart
2008-01-25 16:04 ` Steven Ayre
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47954C66.2000603@solutti.com.br \
--to=leolistas@solutti.com.br \
--cc=eial@cs.bgu.ac.il \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.