search for: allowsmb

Dear All, I have read all the documentation I can find but I still have not understood how, in what context and where to use the action commands enumerated in /usr/share/shorewall/actions.std. Illustrating with SMB traffic for instance, how can one use AllowSMB, DropSMB and RejectSMB to control SMB traffic instead of the classic ACCEPT z1 z2 udp 135,445 ACCEPT z1 z2 udp 137:139 ACCEPT z1 z2 udp 1024: 137 ACCEPT z1 z2 tcp 135,139,445 I have c...

...handled by the firewall, DNS is handled by servers side our techroom. my rules file AllowSSH all fw AllowDNS all net:10.1.1.159,10.1.1.160 AllowFTP loc net AllowWeb loc net AllowPOP3 loc net AllowSMTP loc net:172.16.35.10,172.16.35.33 AllowSMB loc net:10.1.1.159,10.1.1.160 my policy file loc all DROP info net all DROP info all all REJECT info 192.168.50.1 = Internal interface of shorewall firewall 192.168.50.199 = Workstat...

I use shorewall 2.0.9 I have a mac filter running on my eth2(wifi) 192.168.0.1 is eth1(loc). My policy file allows trafic from wifi to loc and loc to wifi. Also fw to wifi and fw to loc. I also use AllowSMB loc to fw and AllowSMB wifi to fw. Any ideas? Shorewall:eth2_mac:REJECT:IN=eth2 OUT= MAC= SRC=192.168.0.1 DST=192.168.1.255 LEN=241 TOS=0x00 PREC=0x00 TTL=64 ID=6188 DF PROTO=UDP SPT=138 DPT=138 LEN=221 Todd

...info all all REJECT info ================= RULES--related to VPN and SAMBA # Allow PPTP VPN to Nebo ACCEPT vpn fw 47 - - ACCEPT vpn fw tcp 1723 - # # Accept Samba connections between LAN and NEBO AllowSMB fw loc AllowSMB loc fw # # Accept Samba connections between VPN and NEBO AllowSMB fw ppp AllowSMB ppp fw # # Accept Samba connections between PPP and LAN AllowSMB loc ppp AllowSMB ppp loc # # Accept Samba connections between VPN an...

I am getting the following message when Shorewall stops can anybody shed any light on this message and where I should be looking? Thanks root@bobshost:~# shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... IP Forwarding Enabled

...T LAN $FW:192.168.100.1 udp 445 But when ever the shorewall is started I find it takes some rules from /usr/share/shorewall/, where there is a file called action.DropSMB and action.DropPing. So all my smb packets for port 137-139,445 are droped here. Also I found another file action.AllowSMB, which allows the smb packets. I don''t know which one to edit. what is the use of these files. I want my clients to allow pinging to the server and also they should be able to access the server thru samba. Plz give me a solution. I am new to Shorewall. ===== Regards, AnandhG ______...

...+ ''['' xAllowSSH = xINCLUDE '']'' + echo ''AllowSSH #Accept SSH'' + read first rest + ''['' xAllowWeb = xINCLUDE '']'' + echo ''AllowWeb #Allow Web Browsing'' + read first rest + ''['' xAllowSMB = xINCLUDE '']'' + echo ''AllowSMB #Allow MS Networking'' + read first rest + ''['' xAllowAuth = xINCLUDE '']'' + echo ''AllowAuth #Allow Auth (identd)'' + read first rest + ''['' xAllowSMTP = xINCLUDE &...

...connections from the firewall to the network # ACCEPT fw net tcp 53 ACCEPT fw net udp 53 # # Accept SSH connections from the local network for administration # ACCEPT loc fw tcp 22 # # Allow Ping To And From Firewall # ACCEPT loc fw icmp 8 ACCEPT net fw icmp 8 ACCEPT fw loc icmp ACCEPT fw net icmp AllowSMB fw loc AllowSMB loc fw AllowWeb net fw AllowWeb loc fw Conf CLAMPMSS=yes IP_FORWARDING=on -- ?? Your kernel must # have CONFIG_IP_NF_TARGET_TCPMSS set. : Deze setting kan ik niet vinden in mijn debian 2.6 kernel ?? ------------------------- horewall-2.2.3 Status at ziggy - Sun May 29 07:46:3...

...T  loc     net     tcp     ftp AllowPing       loc     net ACCEPT  loc     net     tcp     pop3 AllowSSH        loc     fw AllowSSH        net     fw AllowPing       loc     fw AllowPing       fw      loc AllowPing       fw      net ACCEPT          net:192.168.1.248,192.168.1.249,192.168.1.250   fw AllowSMB        loc     net AllowSMB        net     loc AllowSMB        net     fw AllowSMB        loc     fw AllowSNMP       loc     net My policies are currently all set to ACCEPT (except for the all-all line, which is DROP).  Here is some general info: Shorewall version 2.4 ip addr show 1: lo: <LO...

Hello, Which port Smb4K uses? I am not able to use Smb4K on my server for the local network. Thanks Varun

I''m running a Fedora Core 1 Samba server and Shorewall 2.0.1 Connections to Samba shares from both loc hosts and the fw host are usually impossible, unless I boot the Server and connect a loc machine to a Samba share before starting Shorewall. This requires manually toggling the startup_disabled filename and starting Shorewall manually after each boot. I used the two-interface

...ion.AllowPing... Pre-processing /usr/share/shorewall/action.AllowFTP... Pre-processing /usr/share/shorewall/action.AllowDNS... Pre-processing /usr/share/shorewall/action.AllowSSH... Pre-processing /usr/share/shorewall/action.AllowWeb... Pre-processing /usr/share/shorewall/action.AllowSMB... Pre-processing /usr/share/shorewall/action.AllowAuth... Pre-processing /usr/share/shorewall/action.AllowSMTP... Pre-processing /usr/share/shorewall/action.AllowPOP3... Pre-processing /usr/share/shorewall/action.AllowICMPs... Pre-processing /usr/share/shorewall/action.AllowIMA...

Hi! I don;t know what i am doing wrong because i have still Low ID on aMule. I have action.AllowaMule and accept tcp 4662:4771 and udp 4672. Thanks, Mitja

...;; work) TRUSTED_FTP="$NONE" TRUSTED_SMB="net:10.1.2.100,10.1.2.102" ;; *) TRUSTED_FTP="$NONE" TRUSTED_SMB="$NONE" ;; esac In /etc/shorewall/rules: AllowFTP $TRUSTED_FTP $FW AllowSMB $TRUSTED_SMB $FW In this way I can use a common (and simple) rules file which works for all networks, provided that the variables are set up correctly in the params file. Now, I would like that the SOURCE field in rules could accept the value ''none'' so that I could write t...

...igest format, so adding me to any replies would be greatly appreciated. RULES: ACCEPT net fw icmp 8 ACCEPT fw net icmp ACCEPT net fw tcp http,ssh,ftp ACCEPT net:155.97.241.182 fw tcp 5800:5849,5900:5949 ACCEPT net:155.97.241.182 fw udp 5800:5849,5900:5949 ACCEPT net:192.168.0.0/24 fw tcp AllowSMB net:192.168.0.0/24 fw #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE POLICY: fw net ACCEPT net all DROP info # The FOLLOWING POLICY MUST BE LAST all all REJECT info ZONES: net Net Internet #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE INTERFACES: n...

...bytes target prot opt in out source destination 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 Chain AllowSMB (6 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0...

...ion.AllowPing... Pre-processing /usr/share/shorewall/action.AllowFTP... Pre-processing /usr/share/shorewall/action.AllowDNS... Pre-processing /usr/share/shorewall/action.AllowSSH... Pre-processing /usr/share/shorewall/action.AllowWeb... Pre-processing /usr/share/shorewall/action.AllowSMB... Pre-processing /usr/share/shorewall/action.AllowAuth... Pre-processing /usr/share/shorewall/action.AllowSMTP... Pre-processing /usr/share/shorewall/action.AllowPOP3... Pre-processing /usr/share/shorewall/action.AllowIMAP... Pre-processing /usr/share/shorewall/action.AllowTeln...

...l/action.AllowPing... Pre-processing /usr/share/shorewall/action.AllowFTP... Pre-processing /usr/share/shorewall/action.AllowDNS... Pre-processing /usr/share/shorewall/action.AllowSSH... Pre-processing /usr/share/shorewall/action.AllowWeb... Pre-processing /usr/share/shorewall/action.AllowSMB... Pre-processing /usr/share/shorewall/action.AllowAuth... Pre-processing /usr/share/shorewall/action.AllowSMTP... Pre-processing /usr/share/shorewall/action.AllowPOP3... Pre-processing /usr/share/shorewall/action.AllowIMAP... Pre-processing /usr/share/shorewall/action.AllowTelnet......

.../share/shorewall/action.AllowPing... Pre-processing /usr/share/shorewall/action.AllowFTP... Pre-processing /usr/share/shorewall/action.AllowDNS... Pre-processing /usr/share/shorewall/action.AllowSSH... Pre-processing /usr/share/shorewall/action.AllowWeb... Pre-processing /usr/share/shorewall/action.AllowSMB... Pre-processing /usr/share/shorewall/action.AllowAuth... Pre-processing /usr/share/shorewall/action.AllowSMTP... Pre-processing /usr/share/shorewall/action.AllowPOP3... Pre-processing /usr/share/shorewall/action.AllowIMAP... Pre-processing /usr/share/shorewall/action.AllowTelnet... Pre-processing...

Hello, all. I''ve been trying to get shorewall to get LISa working on my Gentoo box. It works as long as I have shorewall turned off, but whenever I turn it on, it seems to block all LISa activity. I have TCP port 7741 opened (as per lisa-home.sourceforge.net), and nmap says it''s open. Ethereal indicates that LISa is communicating via TCP port 7741, from 127.0.0.1 to