系统:CentOS 6.8
selinux:关闭
iptables:打开
samba服务要求:
使用用户名/密码登陆,有读写权限。
SELinux设置
# setenforce 0
# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
iptables设置(可参考 http://man.linuxde.net/iptables)
# iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
# iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
# iptables -I INPUT 5 -p udp -m udp --dport 137 -j ACCEPT
# iptables -I INPUT 5 -p udp -m udp --dport 138 -j ACCEPT
# iptables-save > /home/iptables.save
# iptables-restore </home/iptables.save
# iptables -L -n
为避免iptables规则重启服务或机器后防火墙规则恢复为默认,修改iptables配置文件
# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j AC