Configure shorewall to allow browsing of LAN shares
Heres my setup, Mandrake 10 official with the firewall installed, in the settings it says, allow the internet to connect to which services, i selected none. I dont have samba installed, i use the kernels built in samba client to see shared folders and computers over our home LAN.
Heres my setup,
Mandrake 10 official with the firewall installed, in the settings it says, allow the internet to connect to which services, i selected none. I dont have samba installed, i use the kernels built in samba client to see shared folders and computers over our home LAN. I could access and see other computers without a problem before I enabled Mandrakes's firewall. How do I configure this shorewall firewall to allow me to see the other computers on my LAN again?
Mandrake 10 official with the firewall installed, in the settings it says, allow the internet to connect to which services, i selected none. I dont have samba installed, i use the kernels built in samba client to see shared folders and computers over our home LAN. I could access and see other computers without a problem before I enabled Mandrakes's firewall. How do I configure this shorewall firewall to allow me to see the other computers on my LAN again?
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
Gidday Whiskers
Since I prefer to set up firewall-rules by poking the necessary stuff into iptables, I'm not too sure how shorewall handles things. But it should be generally along the same patterns. Here's what to check ...
Option 1: Unrestricted LAN-access
If you don't have security concerns for you rlinux box you might as well allow the complete traffic to/from your box by generally assigning a "PERMIT" to the LAN-IP-range. Those are typically in the "192.164.0.0"- the "10.0.0.0"-ranges. Just check what IPs your boxes are assigned.
Option 2: Fine-granulated access
For this, not only the IP of the LAN-workstation you want to grant or deny access is relevant, but also the ports. For normal LAN operations you should at least allow traffic on the "typical Microsnot"-ports, as there are: 137, 139 and 445 (all TCP + UDP).
Regarding whether or not the above ports are used as "DESTINATION" or "SOURCE"-ports it may also be necessary to grant access on all ports higher than "1024".
For more info you might want to check this link
Shorewall-Samba quick-info
Hope that helps
Since I prefer to set up firewall-rules by poking the necessary stuff into iptables, I'm not too sure how shorewall handles things. But it should be generally along the same patterns. Here's what to check ...
Option 1: Unrestricted LAN-access
If you don't have security concerns for you rlinux box you might as well allow the complete traffic to/from your box by generally assigning a "PERMIT" to the LAN-IP-range. Those are typically in the "192.164.0.0"- the "10.0.0.0"-ranges. Just check what IPs your boxes are assigned.
Option 2: Fine-granulated access
For this, not only the IP of the LAN-workstation you want to grant or deny access is relevant, but also the ports. For normal LAN operations you should at least allow traffic on the "typical Microsnot"-ports, as there are: 137, 139 and 445 (all TCP + UDP).
Regarding whether or not the above ports are used as "DESTINATION" or "SOURCE"-ports it may also be necessary to grant access on all ports higher than "1024".
For more info you might want to check this link
Shorewall-Samba quick-info
Hope that helps
