Tom, We do have a Windows 2000 DC, but WINS is not installed. All Windows clients are located in the same segment as the DC, DNS server information is issued to the clients via DHCP.
Wouter -----Oorspronkelijk bericht----- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Tom Eastep Verzonden: donderdag 13 maart 2008 15:13 Aan: Shorewall Users Onderwerp: Re: [Shorewall-users] Shorewall & Samba domain join Wouter Amsterdam wrote: > Tom, > > Thanks for your swift reply. I changed my rules file and the > etc/shorewall/action.Drop and action.Reject files as mentioned in > http://www.shorewall.net/samba.htm. But unfortunately I cannot find any > logging of SMB traffic between both zones. The only logging with the relevant > IP addresses in /var/log/messages is from yesterday, before I changed > anything: > > Mar 12 15:39:13 omilia kernel: Shorewall:FORWARD:REJECT:IN=eth2 > OUT=eth2 SRC=192.168.6.13 DST=192.168.0.12 LEN=77 TOS=0x00 PREC=0x00 > TTL=63 ID=54555 DF PROTO=UDP SPT=32889 DPT=53 LEN=57 Mar 12 15:39:23 > omilia kernel: Shorewall:FORWARD:REJECT:IN=eth2 OUT=eth2 > SRC=192.168.6.13 DST=192.168.0.12 LEN=77 TOS=0x00 PREC=0x00 TTL=63 > ID=54556 DF PROTO=UDP SPT=32889 DPT=53 LEN=57 > > The only relevant logging from today is this one: > > Mar 13 08:59:43 omilia kernel: Shorewall:all2all:REJECT:IN= OUT=eth2 > SRC=192.168.0.254 DST=192.168.0.12 LEN=71 TOS=0x00 PREC=0x00 TTL=64 > ID=7733 DF PROTO=UDP SPT=32772 DPT=53 LEN=51 > > But this looks like a DNS query from the firewall itself (0.254) to my domain > controller (0.12). Nothing Samba about that. I'm lost... So do you have a Wins server or PDC? Are the Windows hosts configured to use it? -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
