From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1GbmLe-0008Rj-83 for garchives@archives.gentoo.org; Sun, 22 Oct 2006 23:03:18 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.8/8.13.6) with SMTP id k9MN0uoA025359; Sun, 22 Oct 2006 23:00:56 GMT Received: from mirus.exceedtech.net (ns0.exceedtech.net [70.151.169.5]) by robin.gentoo.org (8.13.8/8.13.6) with ESMTP id k9MMwQ7k016554 for ; Sun, 22 Oct 2006 22:58:27 GMT Received: from [65.144.11.20] (0-1pool11-20.nas2.greenwood1.ms.us.da.qwest.net [65.144.11.20]) by mirus.exceedtech.net (8.12.8/8.12.8) with ESMTP id k9MMweRg007625 for ; Sun, 22 Oct 2006 17:58:41 -0500 Message-ID: <453BF78E.7050207@exceedtech.net> Date: Sun, 22 Oct 2006 17:58:22 -0500 From: Dale User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.7) Gecko/20061016 SeaMonkey/1.0.5 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Firewalling and Sambra printer. References: <200610221728.49846.pupeno@pupeno.com> In-Reply-To: <200610221728.49846.pupeno@pupeno.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 2d0ed5a4-8dda-4ac2-b7fc-0884046b2f3d X-Archives-Hash: 707dcc0ea855df7561d5e8f119448028 Pupeno wrote: > Hello, > I have two computers (that are involved in this problem), phoenix is my Gentoo > workstation and desktop-1 is someone else's Windows box. Someone else happens > to have a printer and I don't, so, from time to time I use his printer. The > printer is shared, obviously, thru SMB (it's a windows box). I configured > CUPS to connect to it (I just used the KDE Kcontrol to configure it). > My problem is that when I bring up my firewall (a firewall using iptables on > phoenix, just protecting phoenix) printing stops working. In fact, all access > to desxtop-1 thru smb stops working. > The firewall is very simple, a simple stateful all-incomming-closed firewall: > > # iptables -vL > Chain INPUT (policy DROP 35510 packets, 16M bytes) > pkts bytes target prot opt in out source > destination > 329K 558M ACCEPT all -- lo any anywhere anywhere > 36M 54G ACCEPT all -- any any anywhere anywhere > state RELATED,ESTABLISHED > 3 228 ACCEPT icmp -- any any anywhere anywhere > icmp echo-request limit: avg 30/min burst 5 > 120 7057 ACCEPT icmp -- any any anywhere anywhere > 1 60 ACCEPT tcp -- any any anywhere anywhere > tcp dpt:ssh > > Chain FORWARD (policy DROP 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > > Chain OUTPUT (policy ACCEPT 21M packets, 3426M bytes) > pkts bytes target prot opt in out source > destination > phoenix ~ # > > Do you know why after bringing up this firewall I can't use the printer > anymore and/or how to solve it ? > > Thank you. Well I had a similiar issue a while back. This is what I did and it worked: > iptables -I INPUT 2 -p udp --dport 445 --source 192.168.0.0/24 -j ACCEPT > iptables -I INPUT 2 -p tcp --dport 445 --source 192.168.0.0/24 -j ACCEPT > iptables -I INPUT 2 -p udp --dport 138 --source 192.168.0.0/24 -j ACCEPT > iptables -I INPUT 2 -p tcp --dport 138 --source 192.168.0.0/24 -j ACCEPT > iptables -I INPUT 2 -p udp --dport 139 --source 192.168.0.0/24 -j ACCEPT > iptables -I INPUT 2 -p tcp --dport 139 --source 192.168.0.0/24 -j ACCEPT > iptables -I INPUT 2 -p tcp --dport 137 --source 192.168.100.0/24 -j ACCEPT > iptables -I INPUT 2 -p udp --dport 137 --source 192.168.100.0/24 -j ACCEPT I got that help from here: http://forums.gentoo.org/viewtopic-p-3371796.html#3371796 Maybe that will help you some. Oh, may need to change the ip numbers where needed. Dale :-) :-) :-) -- gentoo-user@gentoo.org mailing list