** Also affects: gui-ufw (Ubuntu)
   Importance: Undecided
       Status: New

-- 
firestarter and samba not working together
https://bugs.launchpad.net/bugs/308334

Status in “firestarter” source package in Ubuntu: New
Status in “gui-ufw” source package in Ubuntu: New

Bug description:
Binary package hint: firestarter

I have to do the following to make samba work through iptables (firewall) set 
by the firestarter:

On the client side, I have to add the following lines to 
/etc/firestarter/inbound/setup:
# Allow response to netbios name broadcasts from the local network.
$IPT -A INBOUND -s $NET -p udp -m state --state NEW -j ACCEPT
There should be an option for this in one of the firestarter menus.

On the server side:
through the policy menu, I have to set the inbound policy rule: allow SAMBA 
(smb) service on ports: 137-139, 445
and also through the preferences menu: disable Block broadcasts from external 
network
Perhaps disable block broadcasts should also be handled when setting the SAMBA 
inbound policy rule.
Is there a security issue when disabling block broadcast from external network?

Another issue when using SSH policy rules:
Perhaps an option and setting some parameters, login attempts and setting a 
time interval, in order to minimize bruteforce attacks could be added.
I now have to manually add the following lines in /etc/firestarter/user-pre:
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP

Perhaps the mentioned issues cannot be considered to be bugs, but it really 
BUGS a lot of people during the setup of a server.
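
How the two `recent` rules quoted above behave, as an added example that is not part of the original bug report: a Python model of the xt_recent `--set`/`--update` bookkeeping, run over constructed connection times. It assumes the rules are evaluated in the order the two `-I` commands leave them (the `--update` rule first) and that a packet that is not dropped continues to the rest of the ruleset; `refresh_on_match` is a hypothetical parameter that models `--rcheck` when set to False.

```python
from collections import defaultdict, deque

SECONDS, HITCOUNT = 60, 4   # values from the two rules in the report
PKT_LIST_TOT = 20           # xt_recent default: timestamps remembered per source


def filter_new_ssh(events, refresh_on_match=True):
    """Model the two rules for NEW tcp/22 packets.

    events: time-ordered iterable of (time_s, src_ip).
    refresh_on_match=True models --update, False models --rcheck.
    Returns a list of (time_s, src_ip, verdict); "PASS" means the packet
    continues to the rest of the ruleset, not that it is accepted.
    """
    stamps = defaultdict(lambda: deque(maxlen=PKT_LIST_TOT))
    out = []
    for t, src in events:
        seen = stamps[src]
        # Rule evaluated first: --update --seconds 60 --hitcount 4 -j DROP
        hits = sum(1 for s in seen if s >= t - SECONDS)
        if hits >= HITCOUNT:
            if refresh_on_match:
                seen.append(t)      # --update records the dropped attempt too
            out.append((t, src, "DROP"))
            continue
        # Rule evaluated second: --set records the source, has no target
        seen.append(t)
        out.append((t, src, "PASS"))
    return out


def count(results, src, verdict):
    return sum(1 for _, s, v in results if s == src and v == verdict)


# Constructed sample: one source retrying every 10 s, one occasional admin login.
SCANNER, ADMIN = "203.0.113.5", "198.51.100.7"
SAMPLE = sorted([(t, SCANNER) for t in range(0, 130, 10)] +
                [(t, ADMIN) for t in (0, 300, 600)])

if __name__ == "__main__":
    for name, refresh in (("--update", True), ("--rcheck", False)):
        r = filter_new_ssh(SAMPLE, refresh_on_match=refresh)
        print(name, "scanner passed:", count(r, SCANNER, "PASS"),
              "dropped:", count(r, SCANNER, "DROP"))
```

With `--update`, a source that keeps retrying stays blocked because every dropped attempt refreshes its entry; with `--rcheck` the same source gets through again once its earlier passed attempts age out of the 60-second window.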
