Hi,
Im running a samba server on my Redhat 9 OS. Its all configured via
swat. While im using my redhat 9 machine I can type smbclient -L
(redhat9 IP add) -U csmith
it then asks me for my password and connects. (seems to work fine)

However, when I use my other computer running Slackware 9 and try to
connect: smbclient -L (redhat9 IP add) -U csmith it says:

added interface ip=192.168.1.12 bcast=255.255.255.255 nmask=0.0.0.0
error connecting to 192.168.1.11:139 (Connection refused)
Error connecting to 192.168.1.11 (Connection refused)
Connection to 192.168.1.11 failed

And when I try connecting using my windows 2000 machine, it doesnt
work.

So, thinking its a firewall problem, I ran nmap and noticed port 139
was not open on my redhat9 OS.
How would I open that port? Redhat 9 doesnt have /etc/inetd.conf
file.

Please help if your familar with Redhat 9.

Thanks everyone.
/cory

... and it came to pass that Cory Smith <csmith@stu.parkland.edu> uttered
forth:
>
>So, thinking its a firewall problem, I ran nmap and noticed port 139
>was not open on my redhat9 OS.
>How would I open that port?

run "lokkit" - check the firewall settings.

> Redhat 9 doesnt have /etc/inetd.conf
>file.

It's an /etc/xinet.d/ directory, but this only binds services to IP
address, not opens/closes ports. For that, you need
/etc/sysconfig/iptables

--

"Dungeon" Dave

I edited my iptables and inserted
A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 139 --syn -j ACCEPT
then ran lokkit. switched my firewall settings to medium and opened
port 139. reboot my machine. and still nothing worked.
any suggestions?
/cory


'Dungeon' Dave <Dungeon@tombstones.org.uk> wrote in message news:<hAuMuAGkdfd$Ew5R@queeg.tombstones.org.uk>...
> .. and it came to pass that Cory Smith <csmith@stu.parkland.edu> uttered
> forth:
> >
> >So, thinking its a firewall problem, I ran nmap and noticed port 139
> >was not open on my redhat9 OS.
> >How would I open that port?
>
> run "lokkit" - check the firewall settings.
>
> > Redhat 9 doesnt have /etc/inetd.conf
> >file.
>
> It's an /etc/xinet.d/ directory, but this only binds services to IP
> address, not opens/closes ports. For that, you need
> /etc/sysconfig/iptables

On 29 Sep 2003 10:19:10 -0700,
csmith@stu.parkland.edu (Cory Smith) wrote:

> I edited my iptables and inserted
> A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 139 --syn -j ACCEPT
> then ran lokkit. switched my firewall settings to medium and opened
> port 139. reboot my machine. and still nothing worked.
> any suggestions?

Running lokkit may have cancelled things out. As far as I'm aware, it
tends to write rules anew, each time that you run it, based on what you
enter into the GUI. I don't use lokkit, I write my rules by hand, so I
know exactly what they're doing. Mine would have been something like:

# iptables --append INPUT --protocol tcp --in-interface ppp+ --destination-port 137:139 --jump DROP
# iptables --append INPUT --protocol udp --in-interface ppp+ --destination-port 137:139 --jump DROP
# iptables --append INPUT --protocol tcp --in-interface eth+ --source 192.168.0.0/16 --destination-port 137:139 --jump ACCEPT
# iptables --append INPUT --protocol udp --in-interface eth+ --source 192.168.0.0/16 --destination-port 137:139 --jump ACCEPT

But try allowing UDP as well as TCP, and remember that more than one
port is using with SMB (read your /etc/services file for information).
Some systems use UDP and/or TCP. I did my system in an easier fashion,
most of my firewalling is against the outside world, with minimal
against the LAN.

Also make sure that Samba is configured to allow connections to the
addresses that you're using it with, too. Check your hosts allow= line
in the /etc/samba/smb.conf file.

e.g. hosts allow = 192.168. 127.0.0.1

And what interfaces Samba is listening to (its connection with the rest
of the LAN).

e.g. interfaces = 192.168.0.2/24

Another thing to check is that its not waiting for a browse master
election between the different systems. You can configure Samba so that
it insists that it's the browse master (you'll also have to configure
the other machines so that they give in). And, to announce itself as a
browse master for any other systems on the same LAN.

e.g. remote announce = 192.168.0.255
local master = yes
domain master = yes
preferred master = yes

--
My "from" address is totally fake. (Hint: If I wanted e-mails from
complete strangers, I'd have put a real one, there.) Reply to usenet
postings in the same place as you read the message you're replying to.

... and it came to pass that Cory Smith <csmith@stu.parkland.edu> uttered
forth:
>
>'Dungeon' Dave <Dungeon@tombstones.org.uk> wrote in message
>news:<hAuMuAGkdfd$Ew5R@queeg.tombstones.org.uk>...
>> .. and it came to pass that Cory Smith <csmith@stu.parkland.edu> uttered
>> forth:
>> >
>> >So, thinking its a firewall problem, I ran nmap and noticed port 139
>> >was not open on my redhat9 OS.
>> >How would I open that port?
>>
>> run "lokkit" - check the firewall settings.
>>

(top-posting corrected)

>I edited my iptables and inserted
>A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 139 --syn -j ACCEPT
>then ran lokkit. switched my firewall settings to medium and opened
>port 139.

How did you check it was open?

> reboot my machine.

er... why?

> and still nothing worked.

After the reboot? I think you've snarled something more than just your
firewall.

>any suggestions?

Firstly, trim and bottom-post, so that the flow makes a bit more sense.

Secondly, you can check which services are listening on your machine
with: "netstat -n" - this should show port 139 in listening mode.

If it's listening but nmap shows it's not open, then there's still a
rule blocking it. The easiest method (but possibly not the safest) is to
stop your firewall first, using:

/etc/init.d/iptables stop

If it works after that, then there's a duff firewall rule. However, if
you've just rebooted your machine and nothing now works, I think you may
have duff hardware.
--

"Dungeon" Dave