UFW Blocks samba

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read how to get help
JayBird707
Level 2
Level 2
Posts: 74
Joined: Sat Jan 30, 2016 9:56 pm

UFW Blocks samba

Postby JayBird707 » Sun Dec 03, 2017 6:53 pm

Thanks for reading and trying to lend a hand.

I don't know what I or some application touched but now I can't use Samba with UFW running. If I turn off UFW I can see all my smb clients. I uninstalled and reinstalled UFW and Samba and no change. I have the same rules in UFW I've always used, here a conpy of UFW Status:

Code: Select all

jeffrey@jeffrey-HP-Compaq-Pro-6300-SFF ~ $ sudo ufw status
[sudo] password for jeffrey:
Status: active

To                         Action      From
--                         ------      ----
137,138/udp                ALLOW       Anywhere                 
139,445/tcp                ALLOW       Anywhere                 
22/tcp                     ALLOW       Anywhere                 
137,138/udp (v6)           ALLOW       Anywhere (v6)             
139,445/tcp (v6)           ALLOW       Anywhere (v6)             
22/tcp (v6)                ALLOW       Anywhere (v6)             

137,138/udp                ALLOW OUT   Anywhere                 
139,445/tcp                ALLOW OUT   Anywhere                 
22/tcp                     ALLOW OUT   Anywhere                 
137,138/udp (v6)           ALLOW OUT   Anywhere (v6)             
139,445/tcp (v6)           ALLOW OUT   Anywhere (v6)             
22/tcp (v6)                ALLOW OUT   Anywhere (v6) 


I've rebooted, stood on my head and crossed my fingers and still the only way to see the network clients is by turning UFW Off. Here's my System Info Report:

Code: Select all

 System:    Host: jeffrey-HP-Compaq-Pro-6300-SFF Kernel: 4.10.0-40-generic x86_64 (64 bit gcc: 5.4.0)
           Desktop: Cinnamon 3.6.6 (Gtk 3.18.9-1ubuntu3.3) dm: lightdm Distro: Linux Mint 18.3 Sylvia
Machine:   System: Hewlett-Packard product: HP Compaq Pro 6300 SFF Chassis: type: 4
           Mobo: Hewlett-Packard model: 339A Bios: Hewlett-Packard v: K01 v02.90 date: 07/16/2013
CPU:       Quad core Intel Core i5-3570 (-MCP-) cache: 6144 KB
           flags: (lm nx sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx) bmips: 27136
           clock speeds: min/max: 1600/3800 MHz 1: 1601 MHz 2: 1689 MHz 3: 1608 MHz 4: 1623 MHz
Graphics:  Card: NVIDIA G98 [GeForce 9300 GE] bus-ID: 01:00.0 chip-ID: 10de:06e0
           Display Server: X.Org 1.18.4 drivers: nvidia (unloaded: fbdev,vesa,nouveau)
           Resolution: 1366x768@59.79hz
           GLX Renderer: GeForce 9300 GE/PCIe/SSE2
           GLX Version: 3.3.0 NVIDIA 340.102 Direct Rendering: Yes
Audio:     Card Intel 7 Series/C210 Series Family High Definition Audio Controller
           driver: snd_hda_intel bus-ID: 00:1b.0 chip-ID: 8086:1e20
           Sound: Advanced Linux Sound Architecture v: k4.10.0-40-generic
Network:   Card: Intel 82579LM Gigabit Network Connection
           driver: e1000e v: 3.2.6-k port: f040 bus-ID: 00:19.0 chip-ID: 8086:1502
           IF: eno1 state: up speed: 1000 Mbps duplex: full mac: <filter>
Drives:    HDD Total Size: 6501.3GB (46.2% used)
           ID-1: /dev/sda model: ST31000524AS size: 1000.2GB serial: 6VPD7F1N
           ID-2: /dev/sdb model: SAMSUNG_HM500JI size: 500.1GB serial: S1YMJ10S503982
           ID-3: USB /dev/sdd model: 10EADS_External size: 1000.2GB serial: WD-WCAV50182493
           ID-4: USB /dev/sdc model: My_Book_25EE size: 4000.8GB serial: 574343374B344C4139324C38-0:0
Partition: ID-1: / size: 30G used: 8.5G (31%) fs: ext4 dev: /dev/dm-0
           ID-2: /var size: 4.8G used: 1.8G (40%) fs: ext4 dev: /dev/dm-1
           ID-3: /boot size: 464M used: 172M (40%) fs: ext4 dev: /dev/sda1
           ID-4: /home size: 591G used: 272G (49%) fs: ext4 dev: /dev/dm-2
           ID-5: swap-1 size: 8.39GB used: 0.00GB (0%) fs: swap dev: /dev/sda2
RAID:      System: supported: N/A
           No RAID devices: /proc/mdstat, md_mod kernel module present
           Unused Devices: none
Sensors:   System Temperatures: cpu: 29.8C mobo: 27.8C gpu: 0.0:58C
           Fan Speeds (in rpm): cpu: N/A
Repos:     Active apt sources in file: /etc/apt/sources.list.d/google-chrome.list
           deb [arch=amd64] http: //dl.google.com/linux/chrome/deb/ stable main
           Active apt sources in file: /etc/apt/sources.list.d/kdenlive-kdenlive-stable-xenial.list
           deb http: //ppa.launchpad.net/kdenlive/kdenlive-stable/ubuntu xenial main
           deb-src http: //ppa.launchpad.net/kdenlive/kdenlive-stable/ubuntu xenial main
           Active apt sources in file: /etc/apt/sources.list.d/official-package-repositories.list
           deb http: //packages.linuxmint.com sylvia main upstream import backport #id:linuxmint_main
           deb http: //archive.ubuntu.com/ubuntu xenial main restricted universe multiverse
           deb http: //archive.ubuntu.com/ubuntu xenial-updates main restricted universe multiverse
           deb http: //archive.ubuntu.com/ubuntu xenial-backports main restricted universe multiverse
           deb http: //security.ubuntu.com/ubuntu/ xenial-security main restricted universe multiverse
           deb http: //archive.canonical.com/ubuntu/ xenial partner
Info:      Processes: 265 Uptime: 5 min Memory: 928.4/18006.5MB
           Init: systemd v: 229 runlevel: 5 default: 2 Gcc sys: 5.4.0 alt: 4.9
           Client: Unknown python2.7 client inxi: 2.2.35   


Any advice or pointing ion the right direction is appreciated.
Dell Studio 1737 Laptop: HP6300 Desktop: HP8000 SFF Desktop all on Linux Mint!

User avatar
Joe2Shoe
Level 3
Level 3
Posts: 110
Joined: Wed Oct 18, 2017 8:12 pm
Location: Ozone

Re: UFW Blocks samba

Postby Joe2Shoe » Sun Dec 03, 2017 9:59 pm

"Tolerance is the refuge of men without conviction."
"Common sense is not so common" - Voltaire

User avatar
Joe2Shoe
Level 3
Level 3
Posts: 110
Joined: Wed Oct 18, 2017 8:12 pm
Location: Ozone

Re: UFW Blocks samba

Postby Joe2Shoe » Sun Dec 03, 2017 10:01 pm

Possibly the simplest way currenly (2015):

sudo ufw allow Samba
"Tolerance is the refuge of men without conviction."
"Common sense is not so common" - Voltaire

greerd
Level 5
Level 5
Posts: 791
Joined: Sat Jul 31, 2010 10:58 am
Location: Nova Scotia, Canada

Re: UFW Blocks samba

Postby greerd » Sun Dec 03, 2017 10:10 pm

You could try allowing the ip addresses and ports of your samba clients, for example

Code: Select all

sudo ufw allow proto udp from xx.xx.xx.xx to any port 137:138
sudo ufw allow proto tcp from xx.xx.xx.xx to any port 139:445
where xx.xx.xx.xx is the address of one of your samba clients. Do the same for all clients.

Also you might want to consider deleting the ipv6 rules if you don't use them. Note that rules created this way cannot be deleted from gufw, they must be deleted using ufw commands.

One way to delete a specific rule created this way is to list the rules numbered sudo ufw status numbered, find the rule number and then sudo ufw delete # (where # is the rule number)

Good luck
Image

psicotron3
Level 1
Level 1
Posts: 2
Joined: Mon Dec 04, 2017 8:45 pm

Re: UFW Blocks samba

Postby psicotron3 » Tue Dec 05, 2017 10:31 am

There's a topic with workaround for this problem: https://forums.linuxmint.com/viewtopic.php?p=1396779#p1396779

Maybe one of the solutions work for your situation.

JayBird707
Level 2
Level 2
Posts: 74
Joined: Sat Jan 30, 2016 9:56 pm

Re: UFW Blocks samba

Postby JayBird707 » Wed Dec 06, 2017 1:51 pm

Let me begin by thanking everyone for their input.
I have found that the best thing for me to do is to follow these steps:
1- Disable UFW
2- In Nemo use File>Connect to Server using the remote host's IP address connect to the shared folder and create a Bookmark.
3- Enable UFW and add the Samba rule.

On my network it's not that bad since I use all Static IP addresses.

It's hard to believe from all the replies and research that a this browsing problem has existed for years.
Dell Studio 1737 Laptop: HP6300 Desktop: HP8000 SFF Desktop all on Linux Mint!


Return to “Other networking topics”