Bug 140763 - Samba access through Firewall
Samba access through Firewall
Status: CLOSED DUPLICATE of bug 133478
Product: Fedora
Classification: Fedora
Component: system-config-securitylevel (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Paul Nasrat
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2004-11-24 14:17 EST by John Raff
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-02-21 14:07:16 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description John Raff 2004-11-24 14:17:27 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0

Description of problem:
This is NOT a bug but a feature request.

Somewhere in the Samba or SMB setup there should be a "open firewall"
request or instructions on what ports to open in the firewall to allow
the Samba server to operate.

At the least the Help should indicate what are the common ports and
where to open them in the firewall configuration for Samba / SMB server.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Open Samba config
2. Try to find what port Samba / SMB is operating on.
3. Not finding any, guess at what port out of the 65K that is in use
for this particular server. NOT easy!!!

Actual Results:  I didn't find the port.

Expected Results:  I want to be shown the current local port that the
Samba / SMB server is using. So I know what port to open in the firewall.

Additional info:

The same should be done for ALL server setups so that the uninitiated
"noobie" doesn't have to wade around in some esoteric document looking
for ports for common server usage. And then find that the local
machine has been set to some off-the-wall port for what ever reason.
Access the configuration table/file and show what ports need to be
opened and whether UDP or TCP.
Comment 1 Sitsofe Wheeler 2004-11-24 15:08:13 EST
This sounds similar to bug 133478
Comment 2 John Raff 2004-11-24 18:19:39 EST
It's related, but what I'm bitching about it the lack of hand holding
for the newbie to know (s)he has to open ports in the Firewall. There
is nothing in the Help nor in the GUI config to inform him/her what to
open nor how.

I think there should be something in the Samba GUI to inform the user
to open such and such ports in the firewall so the server/client can
gain access. Don't assume that Samba is using the default ports/types
get the info from smb config file.
And to the same type of thing for all other network clients/servers
that aren't currently listed in the GUI Firewall config.
JLR 11/24/04 6:30PM
Comment 3 Sitsofe Wheeler 2004-11-24 18:51:47 EST
Hmm. Well for the record netstat --inet --listen -p (as root)
typically tells you what programs are listening and on what ports.
It's a bit weird to run services on their non standard ports though.
Comment 4 Jay Fenlason 2004-11-29 17:21:51 EST
This functionality properly belongs in system-config-securitylevel, 
which is responsible for firewall and selinux configuration.  
says that Samba uses the following ports: 
   UDP/137 - used by nmbd 
   UDP/138 - used by nmbd 
   TCP/139 - used by smbd 
   TCP/445 - used by smbd 
This is page 193 of The Official Samba-3 HOWTO and Reference Guide 
(3rd printing) published by Prentice Hall.  (html and pdf versions 
are avaliable in /usr/share/doc/samba* .) 
Comment 5 Paul Nasrat 2004-11-29 17:31:20 EST
Yup we need to add config for smb/cifs browsing and serving.  Have bug
for that already.

*** This bug has been marked as a duplicate of 133478 ***
Comment 6 John Raff 2004-11-30 15:06:31 EST
Neither the GUI config nor the related help reference this document.
It might be helpful if they hand a link to it!!!!!
Comment 7 Red Hat Bugzilla 2006-02-21 14:07:16 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.