Gentoo Archives: gentoo-user

From: Daevid Vincent <daevid@××××××.com>
To: gentoo-user@l.g.o
Subject: [gentoo-user] Windows share clients and shorewall [SOLVED]
Date: Sun, 18 Sep 2005 22:11:10
Message-Id: 200509182155.j8ILt3I8020679@robin.gentoo.org
1 This may help someone else keep their hair, as I pulled out enough of mine.
2
3 I have my networks set up with wireless (wifi) on 10.10.10.* and wired (loc)
4 as 192.168.1.*
5
6 I run net-firewall/shorewall-2.4.2 to keep things nice and separated.
7
8 What I want to do is allow certain wifi clients to have samba access to the
9 wired network.
10
11 I can ping devices across the two networks without any problem.
12
13 I have this 'rule':
14 ACCEPT wifi:10.10.10.69 fw all
15 ACCEPT wifi:10.10.10.69 loc all
16
17 I've tried it with this too and still nothing.
18 ACCEPT wifi:10.10.10.69 all all
19
20 If I try to use \\192.168.1.7 from a 10.10.10.69 (both are windowsXP
21 notebooks), XP just times out and says that the network path was not found.
22 Same if I use \\loki instead of the IP.
23
24 This url talks about how to do this http://www.shorewall.net/samba.htm but
25 it isn't working.
26
27 I've tried both ways.
28
29 #ACCEPT fw loc udp 137:139
30 #ACCEPT fw loc tcp 137,139,445
31 #ACCEPT fw loc udp 1024: 137
32 #ACCEPT loc fw udp 137:139
33 #ACCEPT loc fw tcp 137,139,445
34 #ACCEPT loc fw udp 1024: 137
35 #
36 AllowSMB fw loc
37 AllowSMB loc fw
38 AllowSMB fw wifi
39 AllowSMB wifi fw
40 AllowSMB wifi loc
41 AllowSMB loc wifi
42 AllowSMB all all
43
44 In a 'sanity check' moment, I typed "shorewall clear" (as defined here:
45 http://www.shorewall.net/starting_and_stopping_shorewall.htm) and then tried
46 to connect those two clients, and still got the same message. So I'm not so
47 sure if shorewall is the problem? I looked at the samba.conf file and didn't
48 seen anything. In fact, come to think of it, is this even a samba thing?
49 Isn't samba only a factor if I was running it on the clients? In this case,
50 both devices are windowsXP notebooks that happen to go through a gentoo
51 server (fw/router)...
52
53 Then it dawns on me, I wonder if XP's built in firewall is killing me?
54 Sho'nuff. Here's the trick:
55
56 Start->Control Pannel->Windows Firewall->Exceptions (I didn't even know that
57 tab existed!)
58
59 Double click on "File and Printer Sharing"
60
61 Then for each of the 4 ports, double click and select "Any"
62
63 You can also choose certain subnets or whatever, but I figure my clients are
64 already behind the shorewall, so they're fairly protected, and I don't need
65 the headaches.
66
67 This also seemed to have a positive effect on my gentoo server's samba share
68 which uses [homes] special directive in samba.conf. I couldn't ever get that
69 working, and now it does!
70
71 D.Vin
72 http://daevid.com
73
74 --
75 gentoo-user@g.o mailing list