On 06/27/2014 08:35 PM, Tom Furie wrote:
> On Fri, Jun 27, 2014 at 08:00:03PM +0200, Diogene Laerce wrote:
>
>>>> I try to authorize the 192.168.0.2 host to connect to samba but the
>>>> server host 192.168.0.1 won't let me with the following statement :
>>>>
>>>> ************************************************************************
>>>>
>>>> iptables -A INPUT -i eth0 -p udp -s 192.168.0.2/32 -d 192.168.0.1
>>>> --dport 137 -j ACCEPT
>>>> iptables -A INPUT -i eth0 -p udp -s 192.168.0.2/32 -d 192.168.0.1
>>>> --dport 138 -j ACCEPT
>>>> iptables -A INPUT -i eth0 -m state --state NEW,ESTABLISHED -p tcp -s
>>>> 192.168.0.2/32 -d 192.168.0.1 --dport 139 -j ACCEPT
>>>> iptables -A INPUT -i eth0 -m state --state NEW,ESTABLISHED -p tcp -s
>>>> 192.168.0.2/32 -d 192.168.0.1 --dport 445 -j ACCEPT
>>>>
>>>> ************************************************************************
>
>> # Allow incomings for SAMBA
>> iptables -A INPUT -i eth0 -m udp -p udp -s 192.168.0.11 -d 192.168.0.10
>> --dport 137 -j ACCEPT
>> iptables -A INPUT -i eth0 -m udp -p udp -s 192.168.0.11 -d 192.168.0.10
>> --dport 138 -j ACCEPT
>> iptables -A INPUT -i eth0 -m tcp -p tcp -s 192.168.0.11 -d 192.168.0.10
>> --dport 139 -m state --state RELATED -j ACCEPT
>> iptables -A INPUT -i eth0 -m tcp -p tcp -s 192.168.0.11 -d 192.168.0.10
>> --dport 445 -m state --state RELATED -j ACCEPT
>
> The only significant difference I see between these rulesets is in the
> source and destination addresses. Are you testing these new rules on a
> different machine, or the same machine? Are you testing with a different
> remote machine, or the same one as previously?
Yes just testing on the same one, with different assignments. I don't
know why it's working now but it does.
Regards,
--
“One original thought is worth a thousand mindless quotings.”
“Le vrai n'est pas plus sûr que le probable.”
Diogene Laerce
Attachment:
signature.asc
Description: OpenPGP digital signature