1 |
This may help someone else keep their hair, as I pulled out enough of mine. |
2 |
|
3 |
I have my networks set up with wireless (wifi) on 10.10.10.* and wired (loc) |
4 |
as 192.168.1.* |
5 |
|
6 |
I run net-firewall/shorewall-2.4.2 to keep things nice and separated. |
7 |
|
8 |
What I want to do is allow certain wifi clients to have samba access to the |
9 |
wired network. |
10 |
|
11 |
I can ping devices across the two networks without any problem. |
12 |
|
13 |
I have this 'rule': |
14 |
ACCEPT wifi:10.10.10.69 fw all |
15 |
ACCEPT wifi:10.10.10.69 loc all |
16 |
|
17 |
I've tried it with this too and still nothing. |
18 |
ACCEPT wifi:10.10.10.69 all all |
19 |
|
20 |
If I try to use \\192.168.1.7 from a 10.10.10.69 (both are windowsXP |
21 |
notebooks), XP just times out and says that the network path was not found. |
22 |
Same if I use \\loki instead of the IP. |
23 |
|
24 |
This url talks about how to do this http://www.shorewall.net/samba.htm but |
25 |
it isn't working. |
26 |
|
27 |
I've tried both ways. |
28 |
|
29 |
#ACCEPT fw loc udp 137:139 |
30 |
#ACCEPT fw loc tcp 137,139,445 |
31 |
#ACCEPT fw loc udp 1024: 137 |
32 |
#ACCEPT loc fw udp 137:139 |
33 |
#ACCEPT loc fw tcp 137,139,445 |
34 |
#ACCEPT loc fw udp 1024: 137 |
35 |
# |
36 |
AllowSMB fw loc |
37 |
AllowSMB loc fw |
38 |
AllowSMB fw wifi |
39 |
AllowSMB wifi fw |
40 |
AllowSMB wifi loc |
41 |
AllowSMB loc wifi |
42 |
AllowSMB all all |
43 |
|
44 |
In a 'sanity check' moment, I typed "shorewall clear" (as defined here: |
45 |
http://www.shorewall.net/starting_and_stopping_shorewall.htm) and then tried |
46 |
to connect those two clients, and still got the same message. So I'm not so |
47 |
sure if shorewall is the problem? I looked at the samba.conf file and didn't |
48 |
seen anything. In fact, come to think of it, is this even a samba thing? |
49 |
Isn't samba only a factor if I was running it on the clients? In this case, |
50 |
both devices are windowsXP notebooks that happen to go through a gentoo |
51 |
server (fw/router)... |
52 |
|
53 |
Then it dawns on me, I wonder if XP's built in firewall is killing me? |
54 |
Sho'nuff. Here's the trick: |
55 |
|
56 |
Start->Control Pannel->Windows Firewall->Exceptions (I didn't even know that |
57 |
tab existed!) |
58 |
|
59 |
Double click on "File and Printer Sharing" |
60 |
|
61 |
Then for each of the 4 ports, double click and select "Any" |
62 |
|
63 |
You can also choose certain subnets or whatever, but I figure my clients are |
64 |
already behind the shorewall, so they're fairly protected, and I don't need |
65 |
the headaches. |
66 |
|
67 |
This also seemed to have a positive effect on my gentoo server's samba share |
68 |
which uses [homes] special directive in samba.conf. I couldn't ever get that |
69 |
working, and now it does! |
70 |
|
71 |
D.Vin |
72 |
http://daevid.com |
73 |
|
74 |
-- |
75 |
gentoo-user@g.o mailing list |