Bug 104965

Summary: Firewall blocks smb:/ in Konqueror
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Marcel Hilzinger <marcel>
Component: YaST2Assignee: Lukas Ocilka <locilka>
Status: RESOLVED DUPLICATE QA Contact: Klaus Kämpf <kkaempf>
Severity: Major    
Priority: P5 - None CC: alberto.passalacqua, opensuse
Version: Beta 1   
Target Milestone: ---   
Hardware: 32bit   
OS: All   
Whiteboard:
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcel Hilzinger 2005-08-16 16:04:46 UTC 
After a clean install, it is not possible to browse Windows-Networks due to 
the running firewall. This is OK (for me :-). 
The Problem is, that there is no possibility to open the firewall for the 
KDE-Samba-Client in YaST. Even if you add Samba-Server to the list of allowed 
services, you cannot access Windows PCs. 
 
1. Why is there no Samba-Client entry in the Firewall-Module? 
 
2. Why not add the possibility to open the Firewall for Samba-Client during 
install (like SSH).
Comment 1 Lukas Ocilka 2005-08-16 19:32:36 UTC 
Please see bug #81254 and bug #71093

*** This bug has been marked as a duplicate of 71093 ***
Comment 2 Alberto Passalacqua 2005-11-04 20:09:28 UTC 
I have the same problem, but the bug 71093 is unaccessible to me. It says I'm not authorized to see it.

What the solution to this problem, if any?

Thanks
Comment 3 Lukas Ocilka 2005-11-07 07:39:59 UTC 
Comment #7 From Jiri Suchomel 2005-08-02 04:50 MST [reply]
Private

Lars, it is necessary to open some port in firewall on client while looking for
available domains?

Comment #8 From Ludwig Nussel 2005-08-02 05:07 MST [reply]
Private

Same problem as always. iptables cannot handle broadcast that originate from 
random source ports ie broadcast based client-only browsing on firwall 
protected interfaces will not work. It works via unicast if you have wins 
server and the workgroup set properly, see 
https://bugzilla.novell.com/show_bug.cgi?id=71093#c6 

Comment #9 From Jiri Suchomel 2005-08-02 05:12 MST [reply]
Private

so it remains fixed as Lukas wrote in comment #6 and unresolved on the client
side
Comment 4 Dirk Stoecker 2006-03-09 16:59:33 UTC 
Hello,

Adding a Samba-Client entry, which permits UDP inputs to random ports originating from 137-139 (445?) fixes the problem (at least in my hand-written iptables file). Due to the inaccessability of the two other bug-reports I cannot see if this has already been discussed.

The comment #8 seems not to be totally correct I think. Thought the random
source broadcast is the initial problem, but the blocked packets are the
incomming UDP packets and they come from a specified source port.