its samba-2.2.7a-7.9.0 and i tried rejecting port 445 for tcp and udp but it isnt working properly yet
Regards Azeem
From: Tom Skeren <[EMAIL PROTECTED]> To: Andrew Gaffney <[EMAIL PROTECTED]> CC: azeem ahmad <[EMAIL PROTECTED]>, [EMAIL PROTECTED] Subject: Re: [Samba] iptables and samba Date: Thu, 27 May 2004 14:41:07 -0700
Andrew Gaffney wrote:
azeem ahmad wrote:
hi i m using the script below ------------------------------------------------------------------------------------------------------------------------------------- iptables -F iptables -t nat -F iptables -P INPUT DROP iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 53 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 137 -j ACCEPT iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT
-------------------------------------------------------------------------------------------------------------------------------------
i have two shares on samba server "Soft and linux" in these shares there are many folders. whenever i run the above script and then i open the share it takes atleast 4 minutes to open the share. but it doesnt take time while browsing inside share.
mean there is a folder on soft share like soft/adobe/acrobat/acrobat6
when i double click on soft it takes atleast 4 minutes but after that when i click on adobe then acrobat then acrobat6 it takes now time it just browse them normally. same problem is with the other share named linux.
but if i dont run this script then all shares work fine with no delay
this problem only occures first time. mean when i browse the share next time it doesnt occur
This is a complete shot in the dark. Windows 2000 (probably) and XP (definately) will look for a SMB server on port 445 first by default. Since you have '-j DROP', the requests to 445 don't get a response. It takes a little bit to timeout and then Windows probably tries to connect again. I bet if you add the following iptables rule, the problem will go away:
iptables -A INPUT -i eth0 -p all --dport 445 -j REJECT
If you have Samba 3.x it will share on port 445.
_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
