[ amon77 @ 14.02.2009. 10:44 ] @
Imam jedan problem sa pristupanjem sambi u lokalnoj mrezi sa WinXP klijenta. Problem je u tome sto iako su u iptables optvoreni portovi 137,138,139 i 445 i dalje ne mogu da pristupim sambi dok u potpunosti ne zaustavim service iptables. Kada zaustavim servis sve naravno radi kako treba, a radi i ako pokrenem servis ako sam pre toga barem jedanput pristupio sambi sa klijentske masine... Ovo je izlaz za iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp any ACCEPT ipv6-crypt-- anywhere anywhere ACCEPT ipv6-auth-- anywhere anywhere ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353 ACCEPT udp -- anywhere anywhere udp dpt:ipp ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ssn ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ns ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-dgm ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:microsoft-ds ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:135 ACCEPT udp -- anywhere anywhere state NEW udp dpt:135 ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-dgm ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ssn ACCEPT udp -- anywhere anywhere state NEW udp dpt:microsoft-ds ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Hvala unapred!!! |