Netfilter problem with higher SAMBA UDP ports
Tue, 26 Mar 2002 11:53:00 +0200
Please help me!
Samba/netbios does not work until I statically open UDP
ports above 1024 for new connections!!!
As far as I know, SAMBA uses TCP/UDP 137:139 for
initiating a new connection.
Correct me if I'm wrong, SAMBA/netbios never sends
the first packet to a destination port higher than 1024
(in the default install).
There are packets sent to a port higher than 1024,
but they should be only a reply to a request.
If I'm right, the first rule should let them get in.
Default policy is DROP
1 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
2 iptables -A INPUT -p tcp --dport 137:139 -m state --state NEW -j
3 iptables -A INPUT -p udp --dport 137:139 -m state --state NEW -j
4 iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j
Is that correct? Is that enough?
For me it works only if I statically open some UDP ports (for new
above 1024 like this:
5 iptables -A INPUT -p udp --dport 1024:10000 -m state --state NEW -j
I did not change the samba default port.
In our domain there is also a WINDOWS machine as PDC.
Please help me?
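
Added example, not part of the original post: a simplified Python model of how connection tracking classifies UDP replies, run against the INPUT rules quoted above. It assumes the name queries go to the subnet broadcast address from an unprivileged source port (the post does not say this), treats the truncated -j targets of rules 2-5 as ACCEPT, and uses constructed addresses and ports.

```python
# Added example: simplified model of netfilter connection tracking for UDP.
# All addresses and ports below are constructed sample values.
from typing import NamedTuple

class Pkt(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

class Conntrack:
    """Tracks UDP flows by exact tuple, as conntrack does without a helper."""
    def __init__(self):
        self.expected_replies = set()

    def outbound(self, p: Pkt) -> None:
        # A reply must be the exact inverse of the original tuple.
        self.expected_replies.add(Pkt(p.dst, p.dport, p.src, p.sport))

    def state(self, p: Pkt) -> str:
        return "ESTABLISHED" if p in self.expected_replies else "NEW"

def input_verdict(ct: Conntrack, p: Pkt, open_high_udp: bool = False) -> str:
    """UDP path through the post's INPUT chain (targets assumed ACCEPT)."""
    st = ct.state(p)
    if st == "ESTABLISHED":                    # rule 1
        return "ACCEPT"
    if 137 <= p.dport <= 139 and st == "NEW":  # rule 3
        return "ACCEPT"
    if open_high_udp and 1024 <= p.dport <= 10000 and st == "NEW":  # rule 5
        return "ACCEPT"
    return "DROP"                              # default policy

def demo() -> dict:
    ct = Conntrack()
    host, peer, bcast = "192.168.1.10", "192.168.1.20", "192.168.1.255"
    # Name query sent to the broadcast address from an unprivileged port.
    ct.outbound(Pkt(host, 4000, bcast, 137))
    # The answer arrives from the peer's own unicast address.
    bcast_reply = Pkt(peer, 137, host, 4000)
    # Unicast query to the peer and its reply, for comparison.
    ct.outbound(Pkt(host, 4001, peer, 137))
    ucast_reply = Pkt(peer, 137, host, 4001)
    return {
        "broadcast_reply_state": ct.state(bcast_reply),
        "broadcast_reply_rules_1_to_4": input_verdict(ct, bcast_reply),
        "broadcast_reply_with_rule_5": input_verdict(ct, bcast_reply, True),
        "unicast_reply_rules_1_to_4": input_verdict(ct, ucast_reply),
    }
```

Under that assumption the reply's source address differs from the broadcast destination of the query, so it does not match the tracked tuple and rule 1 never sees it as ESTABLISHED.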