SMB Shares Firewall Ports Question

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read how to get help
Post Reply
antidote21984
Level 1
Level 1
Posts: 7
Joined: Wed Oct 12, 2011 7:26 pm

SMB Shares Firewall Ports Question

Post by antidote21984 » Mon Nov 05, 2018 2:37 pm

Hi All, Apologies if this is a bit long-winded lol.

I have set up an Openmediavault4 NAS on a Raspberry Pi as a bit of an experiment and to re-purpose some old hardware. The NAS is sharing a few folders using SMB (3.x I think). The setup is pretty simple - just a single router as the default gateway with all computers (Mint/Win10 and osx laptops) connected over wifi. The NAS itself is cabled to the router. The Mint machines are running Mint 18.3 xfce 64 bit and Mint 18.3 Cinamon 64 bit. Both are pretty stock and up-to-date.

If I put no firewall rules on the NAS then it all works great on all platforms.

Then I put some inbound firewall restrictions on the NAS but left the following ports open (screenie attached):
rules.png
Now, the win10 and max Os laptops can still see the shares fine but the Mint machines (which are my favourites for day-to-day use) cannot :shock: .

I have tried disabling the ufw on the Mint boxes and it makes no difference.

Do I need to open any other ports to let Mint see the SMB shares or is there a way to see what ports it is using when the firewall on the NAS is disabled so that I can then add them to the tables?

Appreciate any help.

Thanks.

antidote21984
Level 1
Level 1
Posts: 7
Joined: Wed Oct 12, 2011 7:26 pm

Re: SMB Shares Firewall Ports Question

Post by antidote21984 » Tue Nov 06, 2018 1:27 pm

Never mind. It wasn't a firewall issue. I can see it by typing smb://<ip address> in Thunar so not the end of the world but Mint cannot access it by browsing the network. Do I need to add anything? I remember seeing something about Workgroup=WORKGROUP somewhere lol. Cheers.

altair4
Level 19
Level 19
Posts: 9310
Joined: Tue Feb 03, 2009 10:27 am

Re: SMB Shares Firewall Ports Question

Post by altair4 » Tue Nov 06, 2018 3:22 pm

There's two ways Linux can browse or "discover" samba hosts on the network. The Windows way using the old netbios mechanism or the mDNS ( avahi ) way that Linux and macOS use.

According to the manual ( which I admit I just looked up on google ) it states here: https://openmediavault.readthedocs.io/e ... tures.html
Service Discovery: Using avahi-daemon [2] is possible to announce the following services Samba, NFS, AFP, FTP, web admin panel, to any Linux desktop with file browser that supports it (GNOME, KDE or XFCE for example).
Try this:

Disable the firewall on the device then run this command on your Linux box:

Code: Select all

avahi-browse -at | grep IPv4
You should see your openmediavault thingy listed as Microsoft Windows Network to denote SMB.

Then re-enable the firewall of the device and run the avahi-browse command again. If it disappears you may need to enable it in Openmediavault since another part of the manual states:
Service Discovery

This panel configures avahi-daemon announce services. You can disable selectively by service and/or change the common name announce. Plugins can add their service here also. Avahi announces are recognized by Linux file browsers by default.
It should be automatic on your Mint machine - not under "windows network" but under network itself.

Usually in Linux there is no need to allow avahi through the firewall as it is set up that way by default but I don't know how the firewall works on your device. You may need to explicity allow port 5353 on openmediavault.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.

Post Reply

Return to “Other networking topics”