[cobalt-users] IP Firewall

["Desmond S. Fuller" <DesmondFuller@xxxxxxxx>]

Hello all.

I have a question on the IP Firewall piece of the Qube 2 (actually anyone
with IPFWadm experience could help).

I want to have the ability to use SAMBA (smb) from my office IP to my Home
Qube 2.  I went to the Cobalt site and used their Firewalling script.
Everything seemed to be fine until I tried to use Samba.  The original rule
was the following for SAMBA (I have changed my IPs to be safe - assume
12.3.45.100 is HOME and 111.222.333.81 is WORK.


	  Policy 	Source	Destination	  Protocol
		  IP 	  Port 	  IP 	  Port
 12	 Allow	 Any	 Any	 12.3.45.100/24	 139	 TCP

I did some digging and Microsoft claims you need to punch out the following:

	Port 135 (TCP or UDP) for RPC Service
	Port 137 (UDP) for NetBIOS Name Service
	Port 138 (UDP) for NetBIOS datagram (Browsing)
	Port 139 (TCP) for NetBIOS session (Net USE)

I punched these into IP Firewall with my work address as the Source (i.e. I
only want my office address to be able to pass thru the Firewall.

 IP Filtering Rule List
	  Policy 	Source	Destination	  Protocol
		  IP 	  Port 	  IP 	  Port
 11	 Allow	 111.222.333.81/24	 Any	 24.3.48.149/24	 135	 TCP
 12	 Allow	 111.222.333.81/24	 Any	 24.3.48.149/24	 137-138	 UDP
 13	 Allow	 111.222.333.81/24	 Any	 24.3.48.149/24	 139	 TCP

It half worked... meaning I can connect to SAMBA but so can anyone else.  It
seems that the Source IP didn't work?!

What am I doing wrong?

- Desmond