problems connecting samba shares

Andrei Kolu antik at bsd.ee
Wed Nov 15 17:11:19 UTC 2006


Hi! 

I am struggling here with PF firewall and just can't connect to any samba 
share if PF is enabled:

set block-policy return
set loginterface rl0
scrub in all
block in log all
pass out all keep state
table <blacklist> persist file "/etc/blacklist"
pass inet proto icmp from any to any
antispoof for rl0
pass in on rl0 proto udp from any to (rl0) port 445 keep state
pass in on rl0 proto udp from any to (rl0) port 137 keep state
pass in on rl0 proto udp from any to (rl0) port 138 keep state
pass in on rl0 proto udp from any to (rl0) port 139 keep state
pass in on rl0 proto tcp from any to (rl0) port 22 keep state
pass in on rl0 proto tcp from any to (rl0) port 80 keep state
pass in on rl0 proto tcp from any to (rl0) port 445 keep state
pass in on rl0 proto tcp from any to (rl0) port 137 keep state
pass in on rl0 proto tcp from any to (rl0) port 138 keep state
pass in on rl0 proto tcp from any to (rl0) port 139 keep state
block on rl0 from <blacklist> to any


# tcpdump -n -e -ttt -i pflog0
278062 rule 0/0(match): block in on rl0: 192.168.2.100.137 > 192.168.2.101.53259: NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; UNICAST
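
Added example, not part of the original post: Python that parses the logged pflog line and checks it against the inbound pass rules in the posted ruleset, then against a keep-state lookup. It models only protocol and destination-port matching plus an exact-reverse state match; the two state entries, including the broadcast address 192.168.2.255, are constructed assumptions.

```python
import re

# The logged line from the post, with the mail-wrapped halves joined.
LOG = ("278062 rule 0/0(match): block in on rl0: 192.168.2.100.137 > "
       "192.168.2.101.53259: NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; UNICAST")

# Inbound pass rules from the posted ruleset as (proto, dst_port): both
# protocols to ports 445 and 137-139, tcp also to 22 and 80.
PASS_IN = [(p, d) for p in ("udp", "tcp") for d in (445, 137, 138, 139)]
PASS_IN += [("tcp", 22), ("tcp", 80)]

PFLOG = re.compile(
    r"rule (?P<rule>\d+)/\d+\(match\): (?P<action>\w+) (?P<dir>in|out) on (?P<ifc>\w+): "
    r"(?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): (?P<rest>.*)")

def parse_pflog(line):
    """Split one tcpdump-on-pflog0 line into its fields."""
    m = PFLOG.search(line)
    if m is None:
        raise ValueError("not a pflog line: %r" % line)
    f = m.groupdict()
    for k in ("rule", "sport", "dport"):
        f[k] = int(f[k])
    # Assumption: protocol is inferred from tcpdump's decode text.
    f["proto"] = "udp" if "UDP" in f["rest"] else "tcp"
    return f

def matching_pass_rules(pkt):
    """Inbound pass rules whose proto and destination port fit the packet."""
    return [r for r in PASS_IN if r == (pkt["proto"], pkt["dport"])]

def admitted_by_state(pkt, state):
    """A keep-state entry admits only the exact reverse of the packet that
    created it: same proto, with addresses and ports swapped."""
    return (pkt["proto"], pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"]) == \
           (state["proto"], state["dst"], state["dport"], state["src"], state["sport"])

pkt = parse_pflog(LOG)
# Constructed state entries (assumptions, not from the post): the state an
# outbound query from port 53259 would create if sent straight to the peer,
# and if sent to a hypothetical subnet broadcast address instead.
unicast = dict(proto="udp", src="192.168.2.101", sport=53259, dst="192.168.2.100", dport=137)
bcast = dict(unicast, dst="192.168.2.255")

if __name__ == "__main__":
    print("logged:", pkt["action"], pkt["dir"], "rule", pkt["rule"])
    print("pass-in rules for dst port", pkt["dport"], "->", matching_pass_rules(pkt))
    print("admitted by unicast state:", admitted_by_state(pkt, unicast))
    print("admitted by broadcast state:", admitted_by_state(pkt, bcast))
```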

