Mike Hicks said: > On Tue, 2003-05-27 at 08:30, Raymond Norton wrote: >> I am having trouble accessing samba shares from my local network. If I >> stop >> ipchains it works fine. can anyone tell me what changes I need to make >> to >> the following set up. >> >> -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT > [etc.] > > You seem to be mostly matching on SYN packets (except for UDP streams) > with that '-y' flag. Those packets are only for initiating a > connection. Basically, your firewall seems to only let a client machine > say "Hello," replies with "Oh, hi," and then promptly starts ignoring > the client (sounds like some places I've been in real life..) Like compusa u mean? Your assessment looks right to me. Additionally i'd recommend and upgrade to a 2.4 kernel and iptables. > > You'd probably have a lot more luck if you remove the '-y' > > Rules similar to yours would probably work on a machine running > iptables, provided there's a rule to allow ESTABLISHED traffic, but > that's a whole other ball of wax... > > -- > _ _ _ _ _ ___ _ _ _ ___ _ _ __ You poor misguided Canadian > / \/ \(_)| ' // ._\ / - \(_)/ ./| ' /(__ bastard. > \_||_/|_||_|_\\___/ \_-_/|_|\__\|_|_\ __) > [ Mike Hicks | http://umn.edu/~hick0088/ | mailto:hick0088 at tc.umn.edu ] > -- Ben Lutgens System Administrator / Has Been / Complete Moron _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list