
Re: Firewalling samba ports



On Wed, May 02, 2001 at 06:13:02PM -0500, Aaron Cronkright wrote:
> Hello, 
> 
> I am having trouble firewalling my samba ports.  What I am trying to do is run samba on a gateway server, binding it to the internal net interface, and firewall the ports on the external interface.  I am running redhat 6.2 using ipchains.
> 
> I tried using a few ipchains commands I found but doing portscans at www.dslreports.com/scan and using nmap can still see the netbios ports on the external interface.

If samba is binding to the ports on all interfaces, then those ports will
show up as "open" from a portscanner's point of view if you did something
like "iptables -A INPUT -p tcp -d extAdd --dport 137 -j DROP", 'cause the remote
machine doesn't get an "unreachable" message.  If you use REJECT instead,
then the ports oughtta appear to be closed - I think.  Note, "extAdd" there
is the external address, not a weird command.  You might be better to use
"-i" with your external interface, if they're on separate physical interfaces.
Of course, you probably also wanna block port 138/139 and their UDP friends,
but I assume you knew that.

The usual caveat involving me occasionally being wrong applies.  Given that
I just tried it to be sure, though, I'm guessing that I'm not wrong. ;)

--Danny
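
The rules the reply describes, written out for ports 137-139 on both TCP and UDP and matched with "-i", as an added example that is not part of the original post. The interface name eth1 is an assumption standing in for the external interface, and the explicit --reject-with choices are added here.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules that REJECT NetBIOS
# traffic arriving on the external interface, so the output can be reviewed
# before it is run as root.

NETBIOS_PORTS="137 138 139"

# netbios_reject_rules EXT_IF
# Emits one rule per port and protocol. TCP is answered with a reset and UDP
# with ICMP port-unreachable, the same replies a closed port would produce.
netbios_reject_rules() {
    ext_if=$1
    # Refuse empty or unusual interface names so that nothing unexpected
    # ends up inside the generated command lines.
    case $ext_if in
        ''|*[!A-Za-z0-9._-]*)
            echo "usage: netbios_reject_rules EXT_IF" >&2
            return 2
            ;;
    esac
    for port in $NETBIOS_PORTS; do
        echo "iptables -A INPUT -i $ext_if -p tcp --dport $port -j REJECT --reject-with tcp-reset"
        echo "iptables -A INPUT -i $ext_if -p udp --dport $port -j REJECT --reject-with icmp-port-unreachable"
    done
}

# Stand-alone use: show the rules for eth1 (assumed external interface).
netbios_reject_rules eth1
```

Pipe the output to sh as root to apply the rules, then repeat the external port scan to confirm the result.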