tu as probablement une r�gle qui bloque. rajoute � la fin de ton script de firewall les lignes suivantes (ou apr�s avoir lanc� le firewall, tape dans une console en root) : (en supposant que ton interface r�seau vers ton r�seau interne est eth0)
iptables -A INPUT -i eth0 -p tcp --dport 137:139 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 137:139 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 445 -j ACCEPT (ce qui signifie : accepte les paquets provenant de l'interface eth0 et ayant pour destination les ports 137, 138, 139 et 445 pour les protocoles tcp et udp) Ca devrait fonctionner comme �a. CC Le Jeudi 16 Janvier 2003 16:25, vous avez �crit : > cc a �crit : > bonjour > > > ........... > > a priori, �a ressemble � un blocage de ton firewalL. > > v�rifie en tapant (en root) > > iptables -t filter -L > > tu dois avoir une r�gle en INPUT qui te bloque les ports netbios (137 � > > 139, et aussi un autre (le 435 je crois, mais je ne suis plus s�r). > > en cas, envoie le r�sultat de la commande > > CC > > [root@deny /etc]# iptables -t filter -L > Chain INPUT (policy DROP) > target prot opt source destination > ACCEPT udp -- anywhere anywhere udp > spt:bootpc dpt:bootps > ACCEPT tcp -- anywhere anywhere tcp > spt:bootpc dpt:bootps > ACCEPT udp -- anywhere anywhere udp > spt:bootps dpt:bootpc > ACCEPT tcp -- anywhere anywhere tcp > spt:bootps dpt:bootpc > ACCEPT udp -- anywhere anywhere udp > dpt:domain > ACCEPT tcp -- anywhere anywhere tcp > dpt:domain > DROP tcp -- anywhere 127.0.0.0/8 > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > ACCEPT all -- anywhere anywhere > DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere > PUB_IN all -- anywhere anywhere > PUB_IN all -- anywhere anywhere > PUB_IN all -- anywhere anywhere > DROP all -- anywhere anywhere > ACCEPT udp -- anywhere anywhere udp > spt:bootpc dpt:bootps > ACCEPT tcp -- anywhere anywhere tcp > spt:bootpc dpt:bootps > ACCEPT udp -- anywhere anywhere udp > spt:bootps dpt:bootpc > ACCEPT tcp -- anywhere anywhere tcp > spt:bootps dpt:bootpc > ACCEPT udp -- anywhere anywhere udp > dpt:domain > ACCEPT tcp -- anywhere anywhere tcp > dpt:domain > > Chain FORWARD (policy DROP) > target prot opt source destination > ACCEPT all -- 192.168.0.0/24 anywhere > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > ACCEPT all -- 192.168.0.0/24 anywhere > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > PUB_OUT all -- anywhere anywhere > PUB_OUT all -- anywhere anywhere > PUB_OUT all -- anywhere anywhere > > Chain INT_IN (0 references) > target prot opt source destination > ACCEPT icmp -- anywhere anywhere > DROP all -- anywhere anywhere > > Chain INT_OUT (0 references) > target prot opt source destination > ACCEPT icmp -- anywhere anywhere > ACCEPT all -- anywhere anywhere > > Chain PUB_IN (3 references) > target prot opt source destination > ACCEPT icmp -- anywhere anywhere icmp > destination-unreachable > ACCEPT icmp -- anywhere anywhere icmp > echo-reply > ACCEPT icmp -- anywhere anywhere icmp > time-exceeded > ACCEPT tcp -- anywhere anywhere tcp > dpt:domain > ACCEPT udp -- anywhere anywhere udp > dpt:domain > LOG tcp -- anywhere anywhere tcp > dpt:telnet state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning > prefix `audit' > LOG tcp -- anywhere anywhere tcp dpt:ftp > state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix > `audit' > LOG tcp -- anywhere anywhere tcp dpt:imap > state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix > `audit' > LOG tcp -- anywhere anywhere tcp > dpt:finger state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning > prefix `audit' > LOG tcp -- anywhere anywhere tcp > dpt:sunrpc state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning > prefix `audit' > LOG tcp -- anywhere anywhere tcp dpt:exec > state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix > `audit' > LOG tcp -- anywhere anywhere tcp > dpt:login state > INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit' > LOG tcp -- anywhere anywhere tcp > dpt:tacnews state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning > prefix `audit' > LOG tcp -- anywhere anywhere tcp dpt:ssh > state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix > `audit' > LOG udp -- anywhere anywhere udp > dpt:31337 state > INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit' > DROP icmp -- anywhere anywhere > DROP all -- anywhere anywhere > > Chain PUB_OUT (3 references) > target prot opt source destination > REJECT icmp -- anywhere anywhere icmp > destination-unreachable reject-with icmp-port-unreachable > REJECT icmp -- anywhere anywhere icmp > time-exceeded reject-with icmp-port-unreachable > ACCEPT all -- anywhere anywhere > [root@deny /etc]# > > > > j'ai juste active le partage de connection de mandrake > (mandrake control center) > sans activer bastille firewall > ET juste apres plus d'icone de serveur1 sur mon poste win > > > merci
Vous souhaitez acquerir votre Pack ou des Services MandrakeSoft? Rendez-vous sur "http://www.mandrakestore.com";
