Saturday 10 May 2014

ufw - Letting Samba Play

In yesterday's post on security I mentioned that, if you share files on your network using Samba, you'll have to add some special rules to your firewall. Fear not, this is pretty easy!

Open a terminal and type the following commands pressing enter after each one.

sudo ufw allow proto udp from 192.168.1.0/24 to any port 137

sudo ufw allow proto udp from 192.168.1.0/24 to any port 138

sudo ufw allow proto tcp from 192.168.1.0/24 to any port 139

sudo ufw allow proto tcp from 192.168.1.0/24 to any port 445

You may not have the same address as the one used in the example code above - you can check your own ip address in your terminal (in Linux) using:

ifconfig -a

Find your (live) network connection from the list and identify the inet addr data and amend the above rules accordingly. As you add each new rule, the terminal will confirm that it has been added successfully. However, you can check the status of your firewall once all of the rules have been added with:

sudo ufw status

If all's gone well, you should see something like the screen below:

Check Your Rules

Remember, to access folders and files you'll need a Samba password on the server (you'll be prompted for your username & password when you try to access the files through your file manager). You can add a user and password from the terminal:

sudo smbpasswd -a [username]

Change [username] to suit your circumstances. You'll be prompted for you root password (if you're not already operating at elevated permissions) and then for a SMB password - this is the password that you'll use to access files from a client computer. Confirm your SMB password when prompted.

Reboot and you should be able to access files from a remote client. Remember, you will have to open these ports on any pc with ufw enabled if you want to share folders and files using Samba.

Sources & References:

Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)