R. Scott Belford wrote:
Firewall. Did I mention that I had monmotha's firewall on the 7.2 boxes? I had enabled port 139, but, no go. Just a little while a go I decided to flush the chains. On the one hand, and to the dismay of about 25 users, this shut down the interface to all traffic. Once resolved, though, I was suddenly able to browse the shares, from everywhere. Ouch.Samba is a wonderful thing. It works like the proverbial charm, except for these rare occasions when the admin breaks it. For those of you who have not used it, don't let my panicked post fool you. It is rather seemless to use. Sorry for the wasted traffic. scott
NetBIOS name resolution works by using broadcast. This means that you will need to allow udp port 138 (I believe, whatever netbios-ns is) from 255.255.255.255 if general broadcast is used (as opposed to the subnet broadcast, the last address in the subnet, which is included in your INTERNAL_LAN setting). This poses a problem similar to DHCP.
Run my script, then "iptables -I INPUT -p udp --dport 138 -i <lan interface> -s 255.255.255.255 -j ACCEPT" should fix the problem.
--MonMotha
pgpkITNgz5FIU.pgp
Description: PGP signature
