[plug] Mandrake 9.0 firewall?? problem

Graham, Alan A. Alan.Graham at woodside.com.au
Tue Nov 26 15:55:53 WST 2002 

DIsclaimer.  I'm not at a unix box at the moment, so I can't check this.

In both smb.conf and hosts.allow you've got 10.0.0.1 as if was a network
address.  It's not, it's a host address.  Network addresses are specified
with 0 in the hosts portion.  You've specified a netmask in hosts.allow of
255.255.0.0, which implies a network portion of x.x.0.0 and a hosts portion
of x.x.nnn.nnn, ie, an old style class B address.  If you really want to
allow 65535 hosts on your network, then the network address should be
"10.0.0.0" with a netmask of "255.255.0.0".

Remember that the low value (eg 0) of the hosts portion of the address is
reserved to mean the entire network, and high value of the hosts portion
(255.255 in your case) is reserved as the broadcast address.  That's why
you're seeing 10.0.255.255 as the address in the nmbd failure message,
because nmb uses broadcasts to do discovery.

So...  change smb.conf to say 10.0.0.0

Change /etc/hosts.allow to say 10.0.0.0/255.255.0.0

HTH

Alan

> -----Original Message-----
> From:	Stephen Boak [SMTP:sboak at westnet.com.au]
> Sent:	Tuesday, 26 November 2002 15:20
> To:	plug at plug.linux.org.au
> Subject:	[plug] Mandrake 9.0 firewall?? problem
> 
> Firstly, thanks for the help via Harry about the screensaver/crash
> problem. It was the bios power management. Turned it off and now
> Linux is as crashproof as it is supposed to be...
> 
> My linux background: long time user, since the yggdrasil(?) days, but
> never seriously into the configuration files until I was thrown in
> the deep end a few days ago to rebuild the Nannup Telecentre system
> after a seriously bad hacking experience. Now possiblly ranked as an
> amateur sysadmin. Sounds dangerous :)
> 
> Now the next step in the game. I'm running Mandrake 9.0 server
> install with the Gnome GUI, using Samba as logon/file server for 13
> PCs with w..98 installed. Samba seems ok, but I'm getting 'www
> nmbd[2568]: Packet send failed to 10.0.255.255(138) ERROR=Operation
> not permitted' messages in /var/log/messages. At the moment, I
> suspect some firewall operation that I haven't found or don't know
> about.
> 
> >From reading various posts, the things I have checked:
> 
> Samba becomes: 
> logon server for workgroup USERS on subnet 10.0.0.1 OK
> domain master browser for workgroup USERS on subnet 10.0.0.1 OK.
> local master browser for workgroup USERS on subnet 10.0.0.1 OK.
> 
> One test W..98 PC is assigned 10.0.0.26 by dhcp (that's working)
> 
> arp is working:
> arp who-has 10.0.0.1 tell 10.0.0.26
> arp reply 10.0.0.1 is-at 0:10.4b:63.xx.xx
> 
> can't ping 10.0.0.26 - sendmsg: Operation not permitted
> 
> /etc/hosts contains:
> 127.0.0.1 localhost.localdomain localhost
> 10.0.0.1  www.nannuptc.org.au www
> 
> /etc/hosts.deny contains:
> ALL:ALL
> 
> /etc/hosts.allow contains: 
> ALL:10.0.0.1/255.255.0.0
> 
> /etc/samba/smb.conf contains no host allow/deny statements
> 
> iptables -L gives:
> 
> chain INPUT (poicy DROP)
> ACCEPT all -- anywhere anywhere
> 
> chain FORWARD (poicy DROP)
> 
> chain OUTPUT (poicy DROP)
> OUTPUT all -- anywhere anywhere
> 
> (shorewall firewall is installed, but is 'STOP'ed.)
> 
> from ifconfig eth0:
> inet addr:10.0.0.1 Bcast:10.0.255.255 Mask:255.255.0.0
> 
> from route:
> 10.0.0.0  * 255.255.0.0 U 0 0 0 eth0
> 127.0.0.0 * 255.0.0.0   U 0 0 0 lo
> (no dialup running at the moment)
> 
> Any more info will be gladly provided...
> 
> Steve
> 
> 
> 
> 
> -- 
> This email was received from the Internet.  If this email is unsolicited,
> non-business related, inappropriate or spam, please forward it to
> spamfilter at woodside.com.au

More information about the plug mailing list