Bugzilla – Bug 121909
firewall blocks smb client workgroup file browsing
Last modified: 2005-12-05 13:44:07 UTC
Browsing other computers in a SMB workgroup fails with firewall running even after port for SMB sharing is opened. When samba server is set up other computers can access smb shares on SUSE 10.0 box. However, SUSE 10 box is unable to see SMB shares in the workgroup. Access to SMB shares on other computers blocked until firewall is shut down. With firewall configured and running access to SMB shares is only one way. Firewall's SMB port configured from YaST Samba Server module. YaST Firewall module offers a "Samba Server" allowed selection but not a "Samba Client" selection. 3 computers in workgroup "TUX-NET": 1 - SUSE 10.0, 1 - SUSE 9.2, 1 - WinXP SUSE 10.0 and 9.2 boxes have 1 NIC each, configured as "external" in Firewall config (noticed that 9.2 firewall was turned off, as well) SUSE 10.0 computer and its SMB share can be seen from all boxes. SUSE 10.0 box can see its own SMB share but cannot see other computers' shares.
Yes, same problem here on SuSE 10 (not present in 9.3) I can't see any PC on the Windows network but I can share files and printers, but I can't browse the workgroup and can't access to other computers. It seems SuSEfirewall just opens ports 139 and 445, while 137 and 138 are required too.
Use a WINS server or switch off the firewall/set zone for LAN to internal. Broadcast based services that do not use a fixed source port will not work with enabled packetfilter.