Mailing List Archive: samba+iptables

samba+iptables

Jul 24, 2001, 8:49 AM

Post #1 of 3 (2411 views)

Hello Everybody!

I utilize iptables 1.2.2 running in a kernel 2.4.5.
All services (ftp, http, smtp, ssh etc.) are ok because my NAT linux box
is accepting all conections for INPUT, OUTPUT and FORWARD.
But after make a NAT in my lab my worktstations with windows NT 4.0 can't
reach the samba server.
Anybody knows howto configurate iptables to recover the connection to my
samba server?

--Thanks

Humberto Honda - Systems Administrator COLTEC/UFMG

RE: samba+iptables [ In reply to ]

Filip.Sneppe at cronos

Jul 24, 2001, 9:13 AM

Post #2 of 3 (2324 views)

Permalink

humberto@coltec.ufmg.br [SMTP:humberto@coltec.ufmg.br] wrote:

>But after make a NAT in my lab my worktstations with windows NT 4.0
>can't
>reach the samba server.
>Anybody knows howto configurate iptables to recover the connection to my
>samba server?

There are known issues with SMB and NAT, as some types of SMB carry IP
addresses in the packets. Here are just two articles from the MS site that
turned up after a quick search:

http://support.microsoft.com/support/kb/articles/Q172/2/27.ASP
http://support.microsoft.com/support/kb/articles/Q266/2/04.ASP

A solution to your problem would be to wait for somebody to write conntrack
and nat protocol helper modules for SMB. However, given the rather closed
nature of Microsoft's implementation of the protocol, plus their occasional
introduction of deliberate incompatibilities with Open Source projects like
Samba, this would not be a trivial task. I don't expect to see anyone
working on this any time soon.

-Filip

Re: samba+iptables [ In reply to ]

slerena at genterara

Jul 24, 2001, 10:27 PM

Post #3 of 3 (2324 views)

Permalink

> Anybody knows howto configurate iptables to recover the connection to my
> samba server?

I suppose you're using a WINS server or LMHosts properly configured... :-?

Un saludo,

Sancho Lerena
slerena@genterara.com
http://www.genterara.com/slerena