> -----Original Message-----
> From: Gavin Davenport [mailto:[EMAIL PROTECTED]
> iptables -L -v will show you which rules are being triggered (when the
> service is started).
>
> It's possible it's hitting the implicit deny all for the input rule, try
> adding some logging to your rules.

Well, I made some changes to my iptables rules to make things clearer (at least for me), by removing the -m multiport.

[EMAIL PROTECTED] root]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.2.7a on Tue Oct 21 19:42:29 2003
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2:100]
[2:100] -A INPUT -i lo -j ACCEPT
[0:0] -A INPUT -p icmp -j ACCEPT
[0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
[0:0] -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
[0:0] -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
[0:0] -A INPUT -p udp -m state --state NEW -m udp --dport 445 -j ACCEPT
[0:0] -A INPUT -p udp -m state --state NEW -m udp --dport 139 -j ACCEPT
[0:0] -A INPUT -p udp -m state --state NEW -m udp --dport 138 -j ACCEPT
[0:0] -A INPUT -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT
[0:0] -A INPUT -p udp -m state --state NEW -m udp --dport 135 -j ACCEPT
[0:0] -A INPUT -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT
[0:0] -A INPUT -p tcp -m state --state NEW -m tcp --dport 139 -j ACCEPT
[0:0] -A INPUT -p tcp -m state --state NEW -m tcp --dport 135 -j ACCEPT
COMMIT
# Completed on Tue Oct 21 19:42:29 2003
[EMAIL PROTECTED] root]#

Then, zeroing my iptables counters and starting to count the packets, it seems to me that some (?) of the packets originating from my Windows box are being dropped by iptables. When Windows Explorer finally gives up, the dropped packet counter reaches 1210 packets, that is 115k bytes.

[EMAIL PROTECTED] root]# grep Chain elve.txt
Chain INPUT (policy DROP 1210 packets, 115K bytes)
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
Chain OUTPUT (policy ACCEPT 436 packets, 43909 bytes)
[EMAIL PROTECTED] root]#

I also did some logging, with this result:

[EMAIL PROTECTED] root]# grep SAMBA-LOG /var/log/messages | \
> cut -d' ' -f6,9,10,16- | sort | uniq | tee elve2.txt
SAMBA-LOGIN=eth0 SRC=148.175.152.21 DST=224.0.0.1 PROTO=2
SAMBA-LOGIN=eth0 SRC=148.175.153.137 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1345 LEN=70
SAMBA-LOGIN=eth0 SRC=148.175.153.137 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1347 LEN=70
SAMBA-LOGIN=eth0 SRC=148.175.153.138 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1345 LEN=70
SAMBA-LOGIN=eth0 SRC=148.175.153.138 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1347 LEN=70
SAMBA-LOGIN=eth0 SRC=148.175.153.140 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1345 LEN=82
SAMBA-LOGIN=eth0 SRC=148.175.153.140 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1347 LEN=82
SAMBA-LOGIN=eth0 SRC=148.175.153.141 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1345 LEN=82
SAMBA-LOGIN=eth0 SRC=148.175.153.141 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1347 LEN=82
SAMBA-LOGIN=eth0 SRC=148.175.153.192 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1345 LEN=70
SAMBA-LOGIN=eth0 SRC=148.175.153.192 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1347 LEN=70
SAMBA-LOGIN=eth0 SRC=148.175.157.145 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1345 LEN=76
[EMAIL PROTECTED] root]#

... and I am still confused about what went wrong. Is it a samba or an iptables issue? *Exactly* how do I specify rules for samba packets?

salam,
ef

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> Behalf Of Faisal, Emir (KPC)
-->8
> [EMAIL PROTECTED] root]# cat /etc/sysconfig/iptables
> # Generated by iptables-save v1.2.7a on Sun Oct 12 19:36:36 2003
> *filter
> :INPUT DROP [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [2:100]
> [0:0] -A INPUT -i lo -j ACCEPT
> [0:0] -A INPUT -p icmp -j ACCEPT
> [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> [0:0] -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
> [0:0] -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
> [0:0] -A INPUT -p udp -m state --state NEW -m multiport --dports
> 135,netbios-ns,netbios-dgm,netbios-ssn,microsoft-ds -j ACCEPT
> [0:0] -A INPUT -p tcp -m state --state NEW -m multiport --dports
> 135,netbios-ssn,microsoft-ds -j ACCEPT
> COMMIT
> # Completed on Sun Oct 12 19:36:36 2003
> [EMAIL PROTECTED] root]#
-->8
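
Every UDP packet in the drop log above has SPT=137 and a high destination port, while every rule in the posted ruleset matches on destination port. As an added example, not part of the original message, this script tallies LOG lines by that distinction. The port lists are copied from the ruleset and the sample lines from the log output; the function names `sample_log` and `classify_drops` and the class names are hypothetical.

```shell
#!/bin/sh
# Added example: tally iptables LOG lines from the DROP path by why they missed
# the ACCEPT rules. Port lists are copied from the ruleset above; the class
# names and both function names are hypothetical.

# Sample lines copied from the log output above (trimmed format).
sample_log() {
cat <<'EOF'
SAMBA-LOGIN=eth0 SRC=148.175.152.21 DST=224.0.0.1 PROTO=2
SAMBA-LOGIN=eth0 SRC=148.175.153.137 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1345 LEN=70
SAMBA-LOGIN=eth0 SRC=148.175.153.138 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1347 LEN=70
SAMBA-LOGIN=eth0 SRC=148.175.157.145 DST=148.175.153.92 PROTO=UDP SPT=137 DPT=1345 LEN=76
EOF
}

# Reads LOG lines on stdin, prints "<class> <count>" sorted by class.
classify_drops() {
  awk -v udp_ok="135 137 138 139 445" -v tcp_ok="22 80 135 139 445 8080" '
    BEGIN {
      n = split(udp_ok, a, " "); for (i = 1; i <= n; i++) ok["UDP", a[i]] = 1
      n = split(tcp_ok, a, " "); for (i = 1; i <= n; i++) ok["TCP", a[i]] = 1
    }
    {
      proto = spt = dpt = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^PROTO=/)    proto = substr($i, 7)
        else if ($i ~ /^SPT=/) spt = substr($i, 5)
        else if ($i ~ /^DPT=/) dpt = substr($i, 5)
      }
      if (proto != "UDP" && proto != "TCP")
        class = "non-tcp-udp"       # e.g. PROTO=2 (IGMP) to 224.0.0.1
      else if ((proto, dpt) in ok)
        class = "dport-allowed"     # matches an ACCEPT rule; unexpected in a drop log
      else if (proto == "UDP" && spt == "137")
        class = "nbns-reply"        # sent FROM netbios-ns to a client port
      else
        class = "other"
      count[class]++
    }
    END { for (c in count) print c, count[c] }
  ' | sort
}

sample_log | classify_drops
```

A tally dominated by `nbns-reply` points at unicast replies to broadcast name queries, which connection tracking does not associate with the outgoing query, so the RELATED,ESTABLISHED rule never matches them. Accepting UDP with `--sport 137` restricted to the local subnet with `-s` is one way to admit them.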
