Il 31/08/2016 11:43, Thomas Woerner ha scritto:
Hello Giovanni, ... More tests are needed now:
- Are the samba related rules in place for ports 137/udp, 138/udp,
139/tcp and 445/tcp?
As you can see, the service is untouched:
$ firewall-cmd --info-service=samba samba ports: 137/udp 138/udp 139/tcp 445/tcp protocols: source-ports: modules: nf_conntrack_netbios_ns destination:
Also, I made an additional service, as I saw that some implementation (Windows, maybe?) requires all (TCP+UDP) ports on range 137-139:
$ firewall-cmd --info-service=samba-additional samba-additional ports: 137/tcp 138/tcp 139/udp protocols: source-ports: modules: destination:
- Is the zone assignment correct in the output of "firewall-cmd
--get-active-zones"?
My WiFi card (iface wlp3s0) use the "home" zone:
$ firewall-cmd --get-active-zones public interfaces: enp0s20u3u2 home interfaces: wlp3s0 sources: 192.168.0.1/24
and in the "home" zone, the service is activated properly:
$ firewall-cmd --info-zone=home home (active) target: default icmp-block-inversion: no interfaces: wlp3s0 sources: 192.168.0.1/24 services: dhcpv6-client mdns ntp samba samba-additional ssdp ssh steam transmission ports: 4321/tcp 4321/udp protocols: masquerade: no forward-ports: sourceports: icmp-blocks: rich rules:
- Is samba working if firewalld is turned off temporarily?
Yup. Test with ping:
$ systemctl start firewalld $ LANG=C ping -c 5 ubuntu_server ping: ubuntu_server: Name or service not known $ systemctl stop firewalld $ LANG=C ping -c 5 ubuntu_server PING ubuntu_server (192.168.0.69) 56(84) bytes of data. 64 bytes from 192.168.0.69 (192.168.0.69): icmp_seq=1 ttl=64 time=3.89 ms 64 bytes from 192.168.0.69 (192.168.0.69): icmp_seq=2 ttl=64 time=3.08 ms 64 bytes from 192.168.0.69 (192.168.0.69): icmp_seq=3 ttl=64 time=4.12 ms 64 bytes from 192.168.0.69 (192.168.0.69): icmp_seq=4 ttl=64 time=2.66 ms 64 bytes from 192.168.0.69 (192.168.0.69): icmp_seq=5 ttl=64 time=2.89 ms
--- ubuntu_server ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 8025ms rtt min/avg/max/mdev = 2.666/3.334/4.129/0.572 ms $ systemctl start firewalld $ LANG=C ping -c 5 ubuntu_server ping: ubuntu_server: Name or service not known
Test with nmblookup: $ systemctl stop firewalld $ nmblookup ubuntu_server 192.168.0.69 ubuntu_server<00> $ systemctl start firewalld $ nmblookup ubuntu_server name_query failed to find name ubuntu_server
I hope to have replied properly to all the questions :)
Thanks in advance