Shorewall users - Mar 2004 - Shorewall2 - Action commands

Dear All,

I have read all the documentation I can find but I still have not understood
how, in what context and where to use the action commands enumerated in
/usr/share/shorewall/actions.std.

Illustrating with SMB traffic for instance, how can one use AllowSMB, DropSMB
and RejectSMB to control SMB traffic instead of the classic

ACCEPT	 z1            z2             udp     135,445
ACCEPT   z1            z2             udp     137:139
ACCEPT	 z1            z2             udp     1024:	137
ACCEPT   z1            z2             tcp     135,139,445

I have copied action.AllowSMB from /usr/share/shorewall to /etc/shorewall and
modified the SRC, DST as relevant but the rules dont seem to get processed.

Thanks in advance.

Ama

On Wednesday 10 March 2004 10:49 am, Ama Kalu wrote:
> Dear All,
>
> I have read all the documentation I can find but I still have not
> understood how, in what context and where to use the action commands
> enumerated in /usr/share/shorewall/actions.std.
>
> Illustrating with SMB traffic for instance, how can one use AllowSMB,
> DropSMB and RejectSMB to control SMB traffic instead of the classic
>
> ACCEPT	 z1            z2             udp     135,445
> ACCEPT   z1            z2             udp     137:139
> ACCEPT	 z1            z2             udp     1024:	137
> ACCEPT   z1            z2             tcp     135,139,445
>
> I have copied action.AllowSMB from /usr/share/shorewall to /etc/shorewall
> and modified the SRC, DST as relevant but the rules dont seem to get
> processed.
No no no no.......

Leave the files unmodifed in /usr/share/shorewall.

If you want to enable SMB between z1 and z2, in /etc/shorewall/rules:

AllowSMB	z1	z2
AllowSMB	z2	z1

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net