Shorewall users - Oct 2006 - how do I allow SMB with a macro, overriding the default?

I copied the SMB macro to /etc/shorewall and then put in my rules file:

SMB/ACCEPT net          $FW

Shorewall is still not allowing SMB connections.  BTW I have a single 
interface and an external router which is not set to forward SMB, so SMB will 
only be allowed between machines in the LAN.



8)

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

Pollywog wrote:
> I copied the SMB macro to /etc/shorewall and then put in my rules file:
> 
> SMB/ACCEPT net          $FW
> 
> Shorewall is still not allowing SMB connections.  BTW I have a single 
> interface and an external router which is not set to forward SMB, so SMB
will
> only be allowed between machines in the LAN.
>
This isn''t a problem report -- see
http://www.shorewall.net/support.htm#Guidelines

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

Pollywog wrote:
> I copied the SMB macro to /etc/shorewall and then put in my rules file:
> 
> SMB/ACCEPT net          $FW
> 
> Shorewall is still not allowing SMB connections.  BTW I have a single 
> interface and an external router which is not set to forward SMB, so SMB
will
> only be allowed between machines in the LAN.
As noted at http://www.shorewall.net/samba.htm, you must use SMB/ACCEPT
in both directions:

SMB/ACCEPT   net      $FW
SMB/ACCEPT   $FW      net

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

On Thursday 26 October 2006 02:57, Tom Eastep wrote:
> Pollywog wrote:
> > I copied the SMB macro to /etc/shorewall and then put in my rules
file:
> >
> > SMB/ACCEPT net          $FW
> >
> > Shorewall is still not allowing SMB connections.  BTW I have a single
> > interface and an external router which is not set to forward SMB, so
SMB
> > will only be allowed between machines in the LAN.
>
> As noted at http://www.shorewall.net/samba.htm, you must use SMB/ACCEPT
> in both directions:
>
> SMB/ACCEPT   net      $FW
> SMB/ACCEPT   $FW      net
Thanks, I will need to consider installing a second network interface on each 
machine in order to keep the LAN separate from the router that connects to 
the Internet.

8)

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642