SMB and IPCHAINS
David
apollo7771 at home.com
Sun Jan 6 20:16:41 CST 2002
I'm setting up a web server with SSH access for the first time. I've been
reading Securing & Optimizing Linux RH Ed and I'm using the IPCHAINS script
out of that book. I want to connect to SSH from the internet then access my
windowz shares without taking my firewall down. When I try to mount a
windows share using:
mount -t smbfs //windowz/share /mnt/smbmount -o
username=username,password=password
It says 'Connection to windowz failed' so obviously ports 137:139 and 445
are blocked.
I've looked at the IPCHAINS man page, checked the howto and searched the web
for suggestions. My server is at 192.168.1.200 and I want to be able to
access my share at 192.168.1.101. This is what I think should work:
ipchains -A input -i eth0 -p tcp -s 192.168.1.200 137:139 -d 192.168.1.101
137:139 -j ACCEPT
ipchains -A input -i eth0 -p udp -s 192.168.1.200 137:139 -d 192.168.1.101
137:139 -j ACCEPT
ipchains -A input -i eth0 -p tcp -s 192.168.1.200 445 -d 192.168.1.101
445 -j ACCEPT
ipchains -A input -i eth0 -p udp -s 192.168.1.200 445 -d 192.168.1.101
445 -j ACCEPT
I've tried many variations of these commands and nothing works. Would it be
easier to simply allow any access between my server and the windowz machine
I need to access? Any suggestions are welcome?
Thanks,
David
More information about the Kclug
mailing list