Author Topic: Firewall settings for Samba shares  (Read 1336 times)

lightkeeper

  • Regular Poster
  • **
  • Posts: 19
    • View Profile
Firewall settings for Samba shares
« on: January 12, 2009, 02:21:50 pm »
Have Linuxmce connected to linksys router which also connects to windows boxes and to the cable modem/world

with linuxmce firewall enabled and port 22 forwarded in router can get to internet from linuxmce, can Putty to linuxmce from windows - cant get samba to see the windows boxes - get mshome and linuxmce shows up thats all

with linuxmce firewall disabled can see all windows boxes ok, share files ok - all nice.

Are there some firewall rules I need to put in to get this to work with the firewall still enabled.

I have read the wiki about preferred 2 nic card, linuxmce as dhcp etc -- understand what I am trying to do is not preferred setup but want to try and get this working to just share files.  Can anyone advise on needed firewall tweaks?

tschak909

  • LinuxMCE God
  • ****
  • Posts: 5496
  • DOES work for LinuxMCE.
    • View Profile
Re: Firewall settings for Samba shares
« Reply #1 on: January 12, 2009, 03:20:29 pm »
No. What you're doing is very broken.

-Thom

Zaerc

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 2256
  • Department of Redundancy Department.
    • View Profile
Re: Firewall settings for Samba shares
« Reply #2 on: January 12, 2009, 04:29:03 pm »
...
with linuxmce firewall disabled can see all windows boxes ok, share files ok - all nice.
...

Problem solved! 

If you're not going to setup the network properly, you'll have little need for the firewall anyway.  Might as well turn lmce's internal DHCP server off too while you're at it, or your network will likely become flakey.  Just don't expect very much support with your crippled setup...
"Change is inevitable. Progress is optional."
-- Anonymous


lightkeeper

  • Regular Poster
  • **
  • Posts: 19
    • View Profile
Re: Firewall settings for Samba shares
« Reply #3 on: January 13, 2009, 03:30:38 am »
Ok, thanks for pointing me in the right direction.  I will RTFM some more and try and set this up the right way.

Bill

palentir

  • Making baby steps
  • Posts: 3
    • View Profile
Re: Firewall settings for Samba shares
« Reply #4 on: January 31, 2009, 10:45:54 am »
I would just like to say, i think such commets as 'very broken' & 'crippled setup' are a tad harsh. I'm in the same boat as lightkeeper. I love what MCE can do. but the more i learn that it "requires" to be the dhcp server, the more i become annoyed. I have a server for that, and genrally people have routers for it. so why cant mce be compatible with existing networking setups in peoples homes? Im ready to buy hardware to support mce but before i implement it into my home i need to test it. and taking over a dhcp server is something im not prepeared to do  :'(

posde

  • Administrator
  • LinuxMCE God
  • *****
  • Posts: 2958
  • Wastes Life On LinuxMCE Since 2007
    • View Profile
    • My Home
Re: Firewall settings for Samba shares
« Reply #5 on: January 31, 2009, 11:20:42 am »
Palentir,

a lot of posts have gone thru this subject.

As lmce wants to help you control everything, the route taken was by providing a DHCP server for the internal network. Do a search on the forum regarding DHCP, and you will find some VERY heated debate about it.

The functionality that lmce does provide right now, is provided due to the current concept of lmce .

colinjones

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 3003
    • View Profile
Re: Firewall settings for Samba shares
« Reply #6 on: January 31, 2009, 09:21:01 pm »
I would just like to say, i think such commets as 'very broken' & 'crippled setup' are a tad harsh. I'm in the same boat as lightkeeper. I love what MCE can do. but the more i learn that it "requires" to be the dhcp server, the more i become annoyed. I have a server for that, and genrally people have routers for it. so why cant mce be compatible with existing networking setups in peoples homes? Im ready to buy hardware to support mce but before i implement it into my home i need to test it. and taking over a dhcp server is something im not prepeared to do  :'(

Seriously, read before posting remarks like this. As possy points out, there are literally hundreds of threads on the subject - type "2 nics" into the search engine or similar and read. It is a fundamental part of the architecture for many many reasons. Moreover, in actual fact (when you understand what is needed) it has almost zero impact on your environment, you can easily plug in a LMCE without making any changes at all for the cost of a single NIC (<$20). But you won't understand that until you have read the background. Try searching under my name as well - I have explaned this several times before in the forums.

So before getting more "annoyed" over some random, arbitrary point, understand why it is like that first, and why it actually makes no difference once you set it up. (TIP: anything you want to interact with LMCE goes on the LMCE network and uses the LMCE DHCP server, anything you don't want to interact with LMCE can go on your existing network and use your existing DHCP server, the Core routes between the two)

palentir

  • Making baby steps
  • Posts: 3
    • View Profile
Re: Firewall settings for Samba shares
« Reply #7 on: February 01, 2009, 12:17:11 am »
Quote
anything you want to interact with LMCE goes on the LMCE network and uses the LMCE DHCP server, anything you don't want to interact with LMCE can go on your existing network and use your existing DHCP server

oh... so if i put a 2nd nic in, would I set a static ip, or would it take one from my other dhcp srv? Actually I feel rude asking that. im just about to go on a serious reading mission. my faith on the matter has been re-gained, lol. ty guys

colinjones

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 3003
    • View Profile
Re: Firewall settings for Samba shares
« Reply #8 on: February 01, 2009, 01:18:50 am »
I'm not sure you understand the basic topology of an LMCE set up, which is the first thing you learn, hence I say "read read read"!. Start on the wiki.linuxmce.org at least read the FAQ, hardware requirements, and the basic setup pages. Display Drivers and the AV Wizard pages are very useful as well. Finally, ensure you get the right hardware to maximise compatibility - this system is highly complex, the last thing you want to be doing is fighting hardware incompatibility at the same time!

You have 2 NICs. One is "external" the other is "internal". You plug your external NIC into a switch on your existing home network - it will now get its IP address from your existing DHCP server. The internal NIC is your LMCE network. Plug it into a different switch, and it will provide DHCP (plus all the extra things it uses DHCP for) to that network, never the twain shall meet!

Now move whatever you want to interact with LMCE onto the second switch, et voila! Done! They will now be served by LMCE. So PCs that may have media on them, move here. NAS devices, here. Systems you intend to use as Media Directors, here. VoIP phones, here. Units for running Orbiters (PDAs, webpads, etc), here. And for simplicity, you might as well move associated equipment like networked printers, so that they can easily be accessed by your PCs - they will just see it as another network and continue unchanged. LMCE will provide IP addresses and route traffic for things like printers, but otherwise ignore them.

As you can probably now see, you might as well just move everything from your existing, "external" network to the "internal" network as in practice it will do nothing to your environment. If you do that, then you can plug the "external" NIC directly into your broadband router and not even bother with an external switch.... or even reuse that switch as your internal switch... wow! see what I mean? no drama after all...