On Monday 08 September 2003 10:38 pm, Ed Greshko wrote:
> On Tue, 2003-09-09 at 05:09, Reuben D. Budiardja wrote:
> > Hello,
> > Just a quick question. If I run smbclient and NFS client (mount to
> > another NFS server) in my workstation, do I need to open up a hole in the
> > firewall?
<snip>

> Since you are talking about managing your iptables configuration via
> shorewall you should probably ask your question on that list....but....

Well, my more general question is whether some ports need to be open if I just 
run client (smbmount) and NFS mount, *not* the server. Add to that, I know 
that some of the listers here are happy users of shorewall, the reason of 
which I checked it out, so... :)

> Yes, both the samba protocols as well as the NFS protocols require that
> a given set of ports be opened on your firewall.  The ports in question
> are all listed in the shorewall documentation.  In what area do you need
> clarification?

It doesn't say if that's needed if the machine acts as Samba server (share) or 
client, or NFS server (which doing the exporting) or client (just mounting a 
remote exported directory).
My machine just acks as a client, and I don't open anything else in the 
firewall excepts for the few ports that I know I need to open (http, 
sendmail). It's working now, I can browse and read file (smb and nfs). Yet, 
when I look back from the log, I see the following, which happened few hours 
ago and never happen again since. 

This is for the NFS server:

Sep  8 13:50:25 voyager kernel: Shorewall:newnotsyn:DROP:IN=eth0 OUT= 
MAC=00:10:dc:27:e3:d7:00:90:27:ac:81:3a:08:00 SRC=160.36.28.37 
DST=160.36.28.203 LEN=52 TOS=0x10 PREC=0x00 TTL=64 ID=62297 DF PROTO=TCP 
SPT=22 DPT=60452 WINDOW=11248 RES=0x00 ACK RST URGP=0 

Sep  8 13:50:38 voyager kernel: Shorewall:newnotsyn:DROP:IN= OUT=eth0 
SRC=160.36.28.203 DST=160.36.28.37 LEN=52 TOS=0x10 PREC=0x00 TTL=64 ID=5888 
DF PROTO=TCP SPT=60452 DPT=22 WINDOW=62640 RES=0x00 ACK RST URGP=0 

I'm not sure if this is because I don't open the necessary port, or an 
artifact of something else going on. 

For the samba server, I don't find anything on it. The samba share is on a 
Win2K machine. 

Thanks for the help.

RDB

-- 
Reuben D. Budiardja
Department of Physics and Astronomy
The University of Tennessee, Knoxville, TN


-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list

Reply via email to