From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1GboJn-0005DW-SQ for garchives@archives.gentoo.org; Mon, 23 Oct 2006 01:09:32 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.8/8.13.6) with SMTP id k9N16Twb031481; Mon, 23 Oct 2006 01:06:29 GMT Received: from blue.powerfulnet.net (blue.powerfulnet.net [80.68.94.67]) by robin.gentoo.org (8.13.8/8.13.6) with ESMTP id k9N13mUo029414 for ; Mon, 23 Oct 2006 01:03:48 GMT Received: from phoenix.pupeno.com (softdnserr [::ffff:200.126.169.154]) (AUTH: PLAIN pupeno@pupeno.com, TLS: TLSv1/SSLv3,256bits,AES256-SHA) by blue.powerfulnet.net with esmtp; Mon, 23 Oct 2006 02:03:44 +0100 id 000601AB.453C14F1.000039FD From: Pupeno To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Firewalling and Sambra printer. Date: Mon, 23 Oct 2006 01:01:57 +0000 User-Agent: KMail/1.9.1 References: <200610221728.49846.pupeno@pupeno.com> <453BF78E.7050207@exceedtech.net> In-Reply-To: <453BF78E.7050207@exceedtech.net> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1265643.3lfP5xTZ95"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200610230102.07476.pupeno@pupeno.com> X-Archives-Salt: ded48683-5203-41eb-94a1-0c2b11cbc346 X-Archives-Hash: b9d3b1806e992f21f2efc8720ef0efd7 --nextPart1265643.3lfP5xTZ95 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 22 October 2006 22:58, Dale wrote: > Well I had a similiar issue a while back. =A0This is what I did and it wo= rked: > > iptables -I INPUT 2 -p udp --dport 445 --source 192.168.0.0/24 -j ACCEPT > > iptables -I INPUT 2 -p tcp --dport 445 --source 192.168.0.0/24 -j ACCEPT > > iptables -I INPUT 2 -p udp --dport 138 --source 192.168.0.0/24 -j ACCEPT > > iptables -I INPUT 2 -p tcp --dport 138 --source 192.168.0.0/24 -j ACCEPT > > iptables -I INPUT 2 -p udp --dport 139 --source 192.168.0.0/24 -j ACCEPT > > iptables -I INPUT 2 -p tcp --dport 139 --source 192.168.0.0/24 -j ACCEPT > > iptables -I INPUT 2 -p tcp --dport 137 --source 192.168.100.0/24 -j > > ACCEPT iptables -I INPUT 2 -p udp --dport 137 --source 192.168.100.0/24 > > -j ACCEPT > > I got that help from here: > > http://forums.gentoo.org/viewtopic-p-3371796.html#3371796 > > Maybe that will help you some. =A0Oh, may need to change the ip numbers > where needed. Here it didn't, my iptables are now=20 # iptables -vL Chain INPUT (policy DROP 35548 packets, 16M bytes) pkts bytes target prot opt in out source =20 destination 343K 561M ACCEPT all -- lo any anywhere anywhere 36M 54G ACCEPT all -- any any anywhere anywher= e =20 state RELATED,ESTABLISHED 3 228 ACCEPT icmp -- any any anywhere anywher= e =20 icmp echo-request limit: avg 30/min burst 5 120 7057 ACCEPT icmp -- any any anywhere anywhere 1 60 ACCEPT tcp -- any any anywhere anywher= e =20 tcp dpt:ssh 0 0 ACCEPT udp -- any any 192.168.0.0/24 anywher= e =20 udp dpt:microsoft-ds 0 0 ACCEPT tcp -- any any 192.168.0.0/24 anywher= e =20 tcp dpt:microsoft-ds 2 467 ACCEPT udp -- any any 192.168.0.0/24 anywher= e =20 udp dpt:netbios-dgm 0 0 ACCEPT tcp -- any any 192.168.0.0/24 anywher= e =20 tcp dpt:netbios-dgm 0 0 ACCEPT udp -- any any 192.168.0.0/24 anywher= e =20 udp dpt:netbios-ssn 0 0 ACCEPT tcp -- any any 192.168.0.0/24 anywher= e =20 tcp dpt:netbios-ssn 0 0 ACCEPT tcp -- any any 192.168.0.0/24 anywher= e =20 tcp dpt:netbios-ns 37 2886 ACCEPT udp -- any any 192.168.0.0/24 anywher= e =20 udp dpt:netbios-ns Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source =20 destination Chain OUTPUT (policy ACCEPT 21M packets, 3429M bytes) pkts bytes target prot opt in out source =20 destination and I still can't print. I send the print job and the printer gets into a k= ind=20 of broken state. Well, those ports are not open on my workstation[1], so, allowing connectio= ns=20 to them won't change anything (unless something runs sporadically opening=20 those ports). Thank you. =2D-=20 Pupeno (http://pupeno.com) [1] # netstat -tlun Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:8010 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN udp 0 0 0.0.0.0:47552 0.0.0.0:* udp 0 0 0.0.0.0:68 0.0.0.0:* udp 0 0 0.0.0.0:8010 0.0.0.0:* udp 0 0 0.0.0.0:631 0.0.0.0:* --nextPart1265643.3lfP5xTZ95 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5-ecc0.1.6 (GNU/Linux) iD8DBQBFPBSPfW48a9PWGkURAjkwAJ4xxZThuM+2WLQmSTuXk9UsrfHhKwCggCio SU9fBID/2mB3m2Qr3BjfHCg= =H/e3 -----END PGP SIGNATURE----- --nextPart1265643.3lfP5xTZ95-- -- gentoo-user@gentoo.org mailing list