Samba is somewhat tricky to set up on CentOS due to both the firewall (iptables) and SELinux protection. This is actually a good thing, security is very important, but to get Samba to communicate outside the server we have to do some work and get some understanding as well.

Why so many ports? Let's go into a bit of detail. Microsoft's old format for client/server communications was netbios. Their network setups relied on a netbios server (WINS) to provide the naming to pass to the clients. In other words, WINS was the DNS of its day. It can be a very insecure service but it is easy to set up. If you've ever done "net view" or the "net use" command, you've been using the WINS service.

Times change and out went WINS and in came Active Directory (AD). This is Microsoft's answer to Novell's Networking service (NDS) which was Novell's answer to UNIX's NFS server. The main difference was that Active Directory relied on a DNS server instead of netbios. Microsoft switched to PORT 445 (UDP and TCP) for the AD service. Now, unless you have a Windows server set up for this service, you're going to use the old Netbios services. Just to note, Windows defaults to netbios and a special setup is required to change that function using the system icon in the control panel. You can also disable Netbios if you're not using it through the tcp/ip service in the Network Connections icon in the Windows control panel. Again, these functions are beyond the scope of this document.

Now let's get to the ports and back to Samba. Here is a detailed listing of the ports that Samba needs to work with your system. Please note that a TCP (TCP) Port is just a service port. Port 80 is for the web and port 22 for a secure remote connection (ssh). A UDP (user defined port) is a variation on a TCP port. It's not the focus of the article to explain the differences but you can easily do a web search. Just know for now that there is a difference.

- Port 137 - UDP NetBIOS name service (WINS).
- Port 139 - TCP NetBIOS Session (TCP), Windows File and Printer Sharing (this is the most insecure port).
- Port 445 - Microsoft-DS Active Directory, Windows shares (TCP).
- Port 445 - Microsoft-DS SMB file sharing (UDP).

Now why know this? It's because you have to know which ports to open and which ports to NOT open for SAMBA, otherwise you're not going to get it to work in CentOS.

Go into your firewall file /etc/sysconfig/iptables. Use your favorite text editor (such as vi or nano or joe or whatever works for you) and add these lines to the file depending on your situation.

If you use Active Directory and want to enable that function ONLY in Samba, use:

```
-A RH-Firewall-1-INPUT -s 192.168.10.0/24 -m state --state NEW -m udp -p udp --dport 445 -j ACCEPT
```

Don't be scared of the syntax. I'm not going to cover firewalls but understand the basics. -s (ip address) limits to the Class C ip addresses of your installation. Of course you need to modify to your own network and this makes it far more secure than giving the entire world access to your network.

Now, if your Samba setup demands the old netbios calls:

```
-A RH-Firewall-1-INPUT -s 192.168.10.0/24 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.10.0/24 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
```

Be sure to watch out for case issues and don't make a mistake on tcp or udp, otherwise samba won't function properly. This has to be right - as I've found out myself with a couple of typos!

There are two ways of restarting a service on CentOS. Either one works.
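Before restarting the firewall, the Samba rule lines can be checked for the slips this page warns about: a wrong tcp/udp, a wrong case, a missing -s restriction, or a long option typed with one dash. The checker below is an added example, not part of the original article; the names `lint_rule` and `lint_file`, the sample lines, and the port table built from the page's port list are assumptions of the example.

```python
import shlex

# Protocols each Samba port uses, per the port list on this page.
SAMBA_PORTS = {137: {"udp"}, 139: {"tcp"}, 445: {"tcp", "udp"}}
# Constructed sample: lines 1-2 are well formed, lines 3-5 contain typical slips.
SAMPLE = """\
-A RH-Firewall-1-INPUT -s 192.168.10.0/24 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.10.0/24 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.10.0/24 -m state -state NEW -m udp -p udp -dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.10.0/24 -m state --state NEW -m tcp -p tcp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p udp --dport 139 -j accept
"""

def lint_rule(line):
    """Return the problems found in one '-A ...' line of /etc/sysconfig/iptables."""
    problems, opts = [], {}
    tokens = shlex.split(line)
    pairs = list(zip(tokens, tokens[1:]))
    for tok, val in pairs:
        if len(tok) > 2 and tok[0] == "-" and tok[1] != "-":
            problems.append(f"{tok}: long option needs two dashes")
            tok = "-" + tok  # read "-dport" as "--dport" so later checks still run
        if tok.startswith("-"):
            opts[tok] = val
    modules = {val for tok, val in pairs if tok == "-m"}
    proto, dport = opts.get("-p"), opts.get("--dport", "")
    if not dport.isdigit() or int(dport) not in SAMBA_PORTS:
        return problems  # not a Samba port rule, nothing more to check
    port = int(dport)
    if proto not in SAMBA_PORTS[port]:
        problems.append(f"port {port}: -p {proto}, expected {sorted(SAMBA_PORTS[port])}")
    if (modules & {"tcp", "udp"}) - {proto}:
        problems.append(f"port {port}: -m protocol module differs from -p {proto}")
    if "-s" not in opts:
        problems.append(f"port {port}: no -s source, rule admits any address")
    target = opts.get("-j", "")
    if target.upper() == "ACCEPT" and target != "ACCEPT":
        problems.append(f"-j {target}: built-in targets are upper case")
    return problems

def lint_file(text):
    """Map line number to problems for every '-A' rule line that has any."""
    rules = enumerate(text.splitlines(), 1)
    found = {n: lint_rule(l) for n, l in rules if l.startswith("-A ")}
    return {n: p for n, p in found.items() if p}

if __name__ == "__main__":
    for number, found in lint_file(SAMPLE).items():
        print(f"line {number}:", "; ".join(found))
```

To check a real rules file, pass the contents of /etc/sysconfig/iptables to `lint_file` in place of `SAMPLE`.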