firestarter and samba not working together
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
firestarter (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
ufw (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: firestarter
I have to do the following to make samba work through iptables (firewall) set by the firestarter:
on the client side, i ihave to add the following lines to /etc/firestarte
# Allow response to netbios name broadcasts from the local network.
$IPT -A INBOUND -s $NET -p udp -m state --state NEW -j ACCEPT
There should be an option for this in one of the firestarter menus.
on the serverside:
through the policy menu, i have to set the inbound policy rule: allow SAMBA (smb) service on ports: 137-139, 445
and also through the preferences menu: disable Block broadcasts from external network
Perhaps disable block broadcasts should also be handled when setting the SAMBA inbound policy rule.
Is there a security issue when disabling block broadcast from external network?
Another issue when using SSH policy rules:
Perhaps an option and setting some parameters, login attempts and setting a time interval, in order to minimize bruteforce attacks could be added.
I know have to manually add the following lines in /etc/firestarte
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP
Perhaps the mentioned issuses cannot be considered to be bugs, but it really BUGS a lot of people during the setup of a server.
This also happens while using Gufw. I had to shut the firewall down in order to get samba working again. I will try to see if these lines can help solve the problem permanently, thanks.