Find the answer to your Linux question:
Results 1 to 6 of 6
i actually have no idea how this works, but i'll give it a try. i have a LAN connected to a router. between my default computer (dual boot windows xp/slackware ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2003
    Location
    Sweden
    Posts
    7

    forwarding windows network


    i actually have no idea how this works, but i'll give it a try.
    i have a LAN connected to a router. between my default computer (dual boot windows xp/slackware 9) and the router is a linux firewall (that also serves as web-server). My problem is that i cannot use my windows desktop to share files between the other computers (windows) on the network. Is the microsoft network using some specific port for this? in that case, i'd like to know which port it is using so that i could configure my firewall. if anyone has done this, i'd be grateful for advise.

    Regards.

  2. #2
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    The traditional NMB/SMB ports are 137 through 139, but XP also uses some additional somewhere between 400 and 500. I don't remember the exact value off hand.
    However, I wouldn't guarantee that that's the issue. You see, NMB works very much by broadcasting, and if that computer is on a different subnet than the other network, the router won't route broadcasts between them (that's the purpose of having different subnets; to reduce network load from broadcasts). It might not do it even if they're on the subnet, depending on you have configured your router.

  3. #3
    Linux Enthusiast
    Join Date
    Jun 2002
    Location
    San Antonio
    Posts
    621
    okay, let me get this straight, your network looks like:
    Code:
    PC -> Firewall -> Router -> Internet
                         ^
                         |
                      Other computer
    ??? If so, why do you have the firewall on this side of the router? The firewall can be used as a router, and make it easier to trust the other computer to access the internal network. Might I suggest something along the lines of:
    Code:
    PC -> Router ->Firewall -> Internet
            ^
            |
           Other computer
    I respectfully decline the invitation to join your delusion.

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Apr 2003
    Location
    Sweden
    Posts
    7
    i want to have it that way too, but there are mightier things going on beyond the reach of my control. (My dad doesn't want a computer running in his bedroom).
    the first schedule is correct, yes.

  6. #5
    Linux Enthusiast
    Join Date
    Jun 2002
    Location
    San Antonio
    Posts
    621
    okay, if the first way is correct why do you have the firewall? To protect the Windows computer? If so, why don't you just lock down the Windows computer. Yes, it can be done. That firewall does nothing there, unless you are planning to set up some sort of weird DMZ that the "other computer" will be on with more computers. Either way, with that setup it still can be done. Just not securely. Since your "other computer" is connected directly to the router, then the internet if you open port 139 everyone on the internet will see it as open. This is a bad hole to fill, as there are lots of security issues. Anyway, enough of my "don't do this" speech, here is how to do it.

    set up your firewall to forward everything coming in on port 139 to the local network.
    Code:
    iptables -A FORWARD --source 192.168.0.0/32 --destination 0/0 -p tcp --sport 139 --dport 139 -j ACCEPT
    Should do it. I didn't test it, that is what you are here for That will turn on 139, I think you need 137 and 138 too, but am not sure.
    I respectfully decline the invitation to join your delusion.

  7. #6
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    If you want name resolution, you will want to forward 137 and 138, too, but I think they run over UDP instead of TCP. I'm still not sure that the firewall will accept forwarding over different subnets. Have you tried connecting directly to the IP address of the other computer (like \\192.168.0.2\) from the Winbloze computer? That should work if your forwarding is set up correctly.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •