similar to: Samba and ufw

Rowland, OK. Should I delete these lines? diff yours mine 63d62 yours# -A ufw-after-logging-output -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] " 85,87d83 yours# -A ufw-before-logging-forward -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW AUDIT] " yours# -A ufw-before-logging-input -m conntrack

Louis, Made the changes. Still unable to mount office. Firewall also blocks Thunderbird mail and maybe internet. Will check that more fully later.Any thoughts ob Tony's response? Outputs: martin at radio:/etc$ sudo apt-get install ufw Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no

Yes, Try this ( copy past-able. ) ufw disable ufw reset ufw limit 22/tcp ufw allow in proto tcp from any port 389,1024:65535 to any port 1024:65535 ufw allow 139,445/tcp ufw allow 137,138/udp ufw --force enable Sorry for the late reply, but im bit busy with some servers here. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org]

On Wed, 6 Feb 2019 16:05:40 -0500 Martin McGlensey via samba <samba at lists.samba.org> wrote: > Rowland, > > Did some editing in smb.conf that I had to reverse. Now I'm back to > being able to connect with the firewall disabled. When I enable the > firewall I get as far as windows network -> workgroup but no > connection. I have only the rules you recommended in

Reindl, I will check that. Not sure how fix it. Will look on internet. Would you give some more information on the subject. Thanks Sent from my iPad Marty (843)-546-4822 > On Jan 29, 2019, at 10:43 AM, Reindl Harald <h.reindl at thelounge.net> wrote: > > > >> Am 29.01.19 um 16:39 schrieb Marty via samba: >> Here is the ufw.log after enabling logging medium and

Alright, I have setup the new rules and am waiting to see if I have any issues. If I do, I will keep working on it. I also read the article below, which mentions exactly what you I was told about 2008 and newer using different ports. https://support.microsoft.com/en-us/kb/929851 Here is the new configuration: root at dc01:~# iptables -S -P INPUT DROP -P FORWARD DROP -P OUTPUT ACCEPT -A INPUT -m

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I recently tried adding a firewall to my Samba 4 server using the port information I found on the wiki. Below is a dump of the resulting rules. root at dc01:~# iptables -S - -P INPUT DROP - -P FORWARD DROP - -P OUTPUT ACCEPT - -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m

Louis, Tried the rules you suggested: These work. I think that rules out any Windows problems. ufw insert 1 allow in on enp2s5 from 192.168.254.15 to 192.168.254.39 ufw insert 2 allow in on enp2s5 from 192.168.254.39 to 192.168.254.15 These do not work. ufw insert 1 allow in on enp2s5 proto tcp from 192.168.254.0/24 to 192.168.254.39 port 139,445 ufw insert 2 allow in on enp2s5 proto udp from

I just looked up 42 and 68. I do not use WINS or BOOTP. I am removing range 1024-5000 and replacing it with 49612-65535 now. I already allowed 389 TCP. Lead IT/IS Specialist Reach Technology FP, Inc On 12/29/2015 03:58 AM, L.P.H. van Belle wrote: > Hai, > > Im missing a few things. > > And maybe time server port to open? Are your dc's time server also? > These are the

Hai,   Just a questions, this might be a bug, might not, but for this one i need some help.   Setup, debian 9.   Member server samba 4.9.3 AD DC servers samba 4.8.7   Im setting up the member with a very tight firewall, so nothing in/our/routed unless its defined. Im using UFW firewall for it.   I notice the following in my member its firewall logs, and this only happend when i run : id or

Hi?guys. There is a wierd problem with iptables recently, hopes somebody can help me. I have installed Centos 7.2.1511 on a bare metal Dell server these days, disabled firewalld and enabled iptables.services, and setup a group of very simple rules, as the following: # iptables-save # Generated by iptables-save v1.4.21 on Tue Apr 23 09:15:14 2019 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT

Hello, Stephen, thank you for input. Yes, these servers have the same firewall rules, and both of them have the same problem from time to time, most of time they are good. Actually, these servers are newly installed to be used as the Glusterfs storage server, so not much data flowing at this time. >From the sysctl output, I suppose it can't be a conntrack table overflow :

Good Morning, Using Linux Mint 19.1 I have configured UFW to allow Samba. I see that ports 135 tcp, 137 udp, 138 udp , 139 tcp and 445 tcp are all set properly. The problem is that with UFW enabled I cannot connect to my Windows 8.1 PC. Error "Unable to mount location - failed to retrieve list from server, file or directory does not exist". With UFW disabled I can connect and browse

Rowland, The computer name 'martin-RB042AV-ABA-a1410y' was set by Linux Mint when it was installed. I'm not sure I can change it. I check it on the Mint forum. I'll turn off the smb... feature and see what happens. Yes the ports listed below are open and set to pass through the firewall. Should I unset the netbios name". Going to try the modification to the ufw rules file as

My firewall and asterisk pjsip config only has "permit" options for my ITSP's (SIP trunk) IPs. Here's the script that sets it up. -------------------------------------------------- #!/bin/bash EXIF="eth0" /sbin/iptables --flush /sbin/iptables --policy INPUT DROP /sbin/iptables --policy OUTPUT ACCEPT /sbin/iptables -A INPUT -i lo -j ACCEPT /sbin/iptables -A INPUT -m

Louis, Followed your instructions so far. Take a look at the output of the various steps. I'm down to removing items form /etc/ufw. I'm not sure what I should delete. I know some of the files are backups generated after some rules were deleted. Please tell me what is safe to delete before I procede further. martin at radio:~$ sudo apt-get remove --purge ufw gufw Reading package

Here is the ufw.log after enabling logging medium and trying to connect to the windows net. Unfortunately the web Microsoft page is in German. I think it says window uses smb1 syntax. Jan 27 15:11:09 martin-RB042AV-ABA-a1410y kernel: [ 887.241685] [UFW BLOCK] IN=enp2s5 OUT= MAC=00:19:21:a2:11:5e:74:27:ea:ab:1e:e0:08:00 SRC=192.168.254.15 DST=192.168.254.39 LEN=90 TOS=0x00 PREC=0x00 TTL=128

I have do a classicupdate from a NT4 style domain to Samba DC 4.10.7 BIND_DLZ without (apparently) problem All seem work fine, access to PC work, join or re-join a PC to domain work, access from a Linux samba member server to Win7 PC work, access from Win7 to samba member server work. But I cannot access from a PC with win7 to another PC with win7. If I try to access from win7-0 to win7-1 via

Hi I would like to add rules into the iptables of the Hosted Engine VM in Ovirt. the version is oVirt Engine Version: 4.1.1.8-1.el7.centos I have tried using the normal process for iptables (iptables-save etc), but it seems that the file /etc/sysconfig/iptables this is ignored in the Ovirt Engine VM. How can I add permanent rules into the Engine VM? Kind regards Andrew

Hai, Im missing a few things. And maybe time server port to open? Are your dc's time server also? These are the ports i've set. TCP what im having. 22,42,53,88,135,139,389,445,464,636,3268,3269,1024:5000,49612:65535 How you did: 22,53,88,135,139,445,464,636,1024:5000,3268,3269 Your missing 42 389 and range : 49612:65535 UDP what im having. 53,67,68,88,123,137,138,389,464 How you