What to use instead of Samba?
Craig White
craigwhite at azapple.com
Mon Nov 21 20:24:38 MST 2005
On Mon, 2005-11-21 at 18:41 -0700, Kevin Brown wrote:
> >> I use Samba with several of my Windoze boxes including XP with no
> >> problems at all. I even have the users home directories with roaming
> >> profiles hosted on my Linux server.
> >>
> >>
> > OK, well I might relent and try it again if someone would
> > forward to me an exact copy of their SMB iptables rules and
> > their smb.conf file -- I'd be willing to plug these in and give
> > them a shot (making only obvious changes). I didn't consult
> > the PLUG list because I was busy going through vast numbers
> > of Google hits on "path was not found" and I really doubt
> > anyone can add to the list of "did you try this?" items.
>
> "path was not found"??? What are you doing that is spitting that error out?
----
obviously iptables isn't causing this issue. This issue is more likely
to be caused by bad path definitions in smb.conf
You should be able find out what's wrong with this command...
testparm -s > /tmp/samba.conf.txt
or the verbose (all settings)
testparm -sv > /tmp/samba.conf.txt
and you can post the output to the list.
iptables...for samba use...
generally, you should just be able to do stuff like...
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
ports 137, 138, 139 & 445 are the smb ports
but if this system is facing internet, don't do this.
Craig
btw...I was invited to join samba team ;-)
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the PLUG-discuss
mailing list