Netfilter problem with higher SAMBA UDP ports
Yan Seiner
yan@cardinalengineering.com
Tue, 26 Mar 2002 06:43:07 -0500
Maciej Soltysiak wrote:
>
> > > 2 iptables -A INPUT -p tcp --dport 137:139 -m state --state NEW -j
> > > ACCEPT
> > > 3 iptables -A INPUT -p udp --dport 137:139 -m state --state NEW -j
> > > ACCEPT
>
> SMB uses UDP on ports 137,138, and TCP on port 139.
>
> I solved my SMB problems using tcpdump
> like:
> tcpdump -i eth1 host q.w.e.r and \(port 137 or port 138 or port 139\)
>
> and looked what happens when host q.w.e.r tries to access a resource via
> eth1.
Right. But at least with my network, not all hosts do the same thing.
The MS KB says you have to allow both UDP and TCP on 138; some hosts
apparently connect back to high port with netbios source ports, etc. I
have not been able to find any reason for this. I have two identically
configured win98 boxes from the same vendor; each connects a different
way.
--Yan
>
> Maciej Soltysiak
--
Future fighter pilots:
Me: Akari, WHAT are you DOING?
Akari, age 3: Pushing the envelope.
spam killer code kpwq1jkcsEzdx39gnkVvgycd15ayqq
(see http://www.paganini.net/ask)