Spook ZA wrote: > Hi. > > 2009/3/31 Rob Kampen <rkampen at kampensonline.com>: > >> Hi folk, >> I am trying to get iptables working on a samba server but find it is >> blocking something that prevents the windoze clients from being able to >> access the share. >> here are the bits from iptables: >> >>> # nmb provided netbios-ns >>> -A RH-Firewall-1-INPUT -p udp -m udp -s 192.168.230.100/24 -i eth1 --dport >>> 137 -j ACCEPT >>> # nmb provided netbios-dgm >>> -A RH-Firewall-1-INPUT -p udp -m udp -s 192.168.230.100/24 -i eth1 --dport >>> 138 -j ACCEPT >>> # Samba >>> -A RH-Firewall-1-INPUT -p tcp -m tcp -m state -s 192.168.230.100/24 -i >>> eth1 --dport 135 --state NEW -j ACCEPT >>> # smb provided netbios-ssn >>> -A RH-Firewall-1-INPUT -p tcp -m tcp -m state -s 192.168.230.100/24 -i >>> eth1 --dport 139 --state NEW -j ACCEPT >>> # smb provided microsoft-ds >>> -A RH-Firewall-1-INPUT -p tcp -m tcp -m state -s 192.168.230.100/24 -i >>> eth1 --dport 445 --state NEW -j ACCEPT >>> > Your source address is invalid. > If you want access from the entire 192.168.230.x subnet, you have to > use a source of 192.168.230.0/24. > If you want access from only 100, then you need to specify the source > as 192.168.230.100/32 (a single address with a mask to match or just > leave the mask off). > Sorry, not so, tried changing it as you suggested but no go. the /24 masks the last octet thus you can have any value from 0~254. > HTH > > Regards, > Andrew. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > -------------- next part -------------- A non-text attachment was scrubbed... Name: rkampen.vcf Type: text/x-vcard Size: 121 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20090331/2d446f5d/attachment-0005.vcf>