hi i had and old amd machine that was sitting in the corner and spare 3 HDD so i decide to install linux and put some ware and use it as samba file server. i installed fedora core 6 and the installation was smooth and one more point i don't have a spare monitor so i connected it directly to the router and using ssh to config the server. when i installed ssh was opened through the fire wall, 'cause it was default . then i configure the samba server. when i tried to access the server i got the error "Network path not found" i later found that the samba was being blocked by the firewall. geeks out there plz help to config FC6 firewall from the ssh shell.
thank you.
have a nice day.
config linux from command shell
Started by
scriptkiddy
, Nov 08 2006 12:08 PM
3 replies to this topic
#2
systems_glitch
-
- Moderating Team
-
- 1,461 posts
Dangerous free thinker
- Gender:Male
Posted 08 November 2006 - 12:51 PM
Haven't used FC6, but in RH9 (pre-Fedora) there was a firewall manager under the System menu. It's probably still there, as I can't imagine removing something like that. That would work, of course, only if you plugged a monitor into the machine and loaded up X Windows (you can also install a VNC server and have graphical access to the machine over the network).
From command line, try this guide to setting up a FC6 server (the link will take you to the Samba section; scroll down to the Firewall/SELinux section):
http://www.mjmwired....-fc6.html#samba
From command line, try this guide to setting up a FC6 server (the link will take you to the Samba section; scroll down to the Firewall/SELinux section):
http://www.mjmwired....-fc6.html#samba
#3
Dirk Chestnut
-
- Members
-
- 268 posts
SUP3R 31337 P1MP
- Location:248
Posted 08 November 2006 - 03:32 PM
Log in via SSH, switch to root and do the following-
First, some text editing. If you know how to use vi, you're set. If not, use nano. You open a file to edit by typing "nano <filename>" Commands are shown at the bottom. ^X is shorthand for CTRL+X
Edit /etc/sysconfig/system-config-securitylevel to add the following lines:
In /etc/sysconfig/iptables add the following lines-
Your firewall doesn't have the rules loaded, so type in:
NOTE: Be really careful when editing files by hand if you're not used to Linux at the command line. If the above makes you nervous, I recommend hooking your monitor back up, and logging in locally. You can find a graphical admin tool at System --> Administration --> Security Level
Just enable the checkbox for Samba, and you should be set.
First, some text editing. If you know how to use vi, you're set. If not, use nano. You open a file to edit by typing "nano <filename>" Commands are shown at the bottom. ^X is shorthand for CTRL+X
Edit /etc/sysconfig/system-config-securitylevel to add the following lines:
--port=137:udp --port=138:udp --port=139:tcp --port=445:tcpThese are entries the graphical tool Security Level uses, they don't really open the firewall.
In /etc/sysconfig/iptables add the following lines-
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPTThese are the actual firewall rules. You edited two files to keep the graphical tool AND the firewall rules in-sync.
Your firewall doesn't have the rules loaded, so type in:
/etc/init.d/iptables restartAnd hit enter. You should get four green OKs.
NOTE: Be really careful when editing files by hand if you're not used to Linux at the command line. If the above makes you nervous, I recommend hooking your monitor back up, and logging in locally. You can find a graphical admin tool at System --> Administration --> Security Level
Just enable the checkbox for Samba, and you should be set.
Edited by Dirk Chestnut, 08 November 2006 - 03:33 PM.
#4
scriptkiddy
-
- Members
-
- 39 posts
H4x0r
Posted 09 November 2006 - 04:37 AM
Log in via SSH, switch to root and do the following-
First, some text editing. If you know how to use vi, you're set. If not, use nano. You open a file to edit by typing "nano <filename>" Commands are shown at the bottom. ^X is shorthand for CTRL+X
Edit /etc/sysconfig/system-config-securitylevel to add the following lines:--port=137:udp --port=138:udp --port=139:tcp --port=445:tcpThese are entries the graphical tool Security Level uses, they don't really open the firewall.
In /etc/sysconfig/iptables add the following lines--A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPTThese are the actual firewall rules. You edited two files to keep the graphical tool AND the firewall rules in-sync.
Your firewall doesn't have the rules loaded, so type in:/etc/init.d/iptables restartAnd hit enter. You should get four green OKs.
NOTE: Be really careful when editing files by hand if you're not used to Linux at the command line. If the above makes you nervous, I recommend hooking your monitor back up, and logging in locally. You can find a graphical admin tool at System --> Administration --> Security Level
Just enable the checkbox for Samba, and you should be set.
thanks mate, my little samba server is up and running!!!!!!!!!!! cheers
BinRev is hosted by the great people at Lunarpages!
