[Shorewall-users] Question on samba/nmbd

Brian Fallik baf11@cornell.edu
Sun, 14 Apr 2002 21:57:22 -0400


Is shorewall configured by default to drop/reject udp broadcasts?

I'm trying to setup samba and my windows machines can't see the samba server
(which is also the firewall).  I see the following errors in log.nmbd:

[2002/04/14 20:55:32, 0] libsmb/nmblib.c:send_udp(777)
  Packet send failed to 192.168.2.255(137) ERRNO=Operation not permitted
[2002/04/14 20:55:32, 0] nmbd/nmbd_packets.c:send_netbios_packet(174)
  send_netbios_packet: send_packet() to IP 192.168.2.255 port 137 failed
[2002/04/14 20:55:32, 0] nmbd/nmbd_namequery.c:query_name(257)
  query_name: Failed to send packet trying to query name OCTO<1d>

My policies are setup as:
#SOURCE         DESTINATION     POLICY          LOG LEVEL
loc             fw              DROP            info
loc             net             ACCEPT
fw              net             ACCEPT
net             all             DROP            info
all             all             REJECT          info

Any help debugging would be appreciated.  I'm pretty much out of ideas on
how to take this further.  I've scoured usenet and google and haven't found
anything helpful.

Thanks,
brian