gir n00b
Joined: 02 Sep 2002 Posts: 37
|
Posted: Tue Apr 15, 2003 1:29 am Post subject: Samba and iptables and Windows XP |
|
|
Ok, I've got a rather frustrating problem. I am unable to connect to samba running on my gentoo server from a Windows XP box. Both are on the same workgroup. I have tried disabling the firewalls (iptables on the gentoo box and ZoneAlarm 3 on XP). I can occasionally get the XP box to see that my gentoo server is a samba host but that's intermetent at best and it has never been able to actually show me the shares, much less let me browse them.
The really annoying part is that I have windows xp and 2000 installed as VMWare guest os's on my gentoo server and they both can see and browse and login to my samba shares just fine.
XP and gentoo are both behind the same router and should be communicating over a virtual LAN (192.168.0.0/255.255.255.0) where the gentoo box has eth0:0 aliased to 192.168.0.10 and the XP box has it's lan interface aliased to 192.168.0.11. I can ping both machines from both machines.
My /etc/samba/smb.conf:
Code: |
[global]
workgroup = BLAH
log file = /var/log/samba/log.%m
max log size = 50
hosts allow = 192.168.,127.
guest account = nobody
encrypt passwords = yes
username map = /etc/samba/smbusers
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
interfaces = vmnet1 vmnet8 eth0:0 127.0.0.1
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
wins support = no
dns proxy = no
# Case Preservation can be handy - system default is _no_
preserve case = yes
security = user
[homes]
comment = Home Directories
browseable = no
public = no
writeable = yes
[data]
comment = Data
path = /data
writeable = yes
guest ok = yes
public = yes
|
My next step is to become one with ethereal and tcpdump... I would like to avoid that, if at all possible. There must be something obvious I'm missing since I can browse my samba shares with my vmware guest os's. As far as I can tell, however, the network settings on both XP installs are, for all intents and purposes, identical.
Finally, I believe that I have iptables correctly configured for samba but I'm not positive. Here are the rules I have for samba:
Code: |
# Permit samba
-A INPUT -p udp -s 192.168.0.0/24 --sport 137 -d 192.168.0.0/24 --dport 137 -j ACCEPT
-A INPUT -p udp -s 192.168.0.0/24 --sport 1024:65535 -d 192.168.0.0/24 --dport 137 -j ACCEPT
-A INPUT -p udp -s 192.168.0.0/24 --sport 138 -d 192.168.0.0/24 --dport 138 -j ACCEPT
-A INPUT -p udp -s 192.168.0.0/24 --sport 1024:65535 -d 192.168.0.0/24 --dport 138 -j ACCEPT
-A INPUT -p tcp -s 192.168.0.0/24 --sport 1024:65535 -d 192.168.0.0/24 --dport 139 -j ACCEPT
# Allow return packets from established outbound connections
-A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
|
Does this look ok?
Thanks in advance! |
|