Justin, > -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 139 --syn -j ACCEPT > -A INPUT -p udp -m udp -s 192.168.1.0/24 --dport 137 -j ACCEPT > -A INPUT -p udp -m udp -s 192.168.1.0/24 --dport 138 -j ACCEPT
Did you specify OUTPUT rules also ? You may want to try the following lines taken from a working server config. "keep_state" is a special chain for stateful inspection and logging purposes: -A INPUT -p tcp -s 192.168.1.0/24 --sport 1024: --dport 137:139 -j ACCEPT -A OUTPUT -p tcp -d 192.168.1.0/24 --sport 137:139 --dport 1024: -j keep_state -A OUTPUT -p tcp -d 192.168.1.0/24 --sport 1024: --dport 137:139 -j ACCEPT -A INPUT -p tcp -s 192.168.1.0/24 --sport 137:139 --dport 1024: -j keep_state -A INPUT -p udp -s 192.168.1.0/24 --dport 137:139 -j ACCEPT -A OUTPUT -p udp -d 192.168.1.0/24 --dport 137:139 -j ACCEPT -N keep_state -A keep_state -m state --state INVALID -j DROP -A keep_state -m state --state RELATED,ESTABLISHED -j ACCEPT # debug, info, notice, warning, err, crit, alert und emerg -A keep_state -m limit --limit 10/minute --limit-burst 10 -j LOG --log-level notice --log-prefix "Packets dropped: " -A keep_state -j DROP -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
