After installing Fedora Core 1 and choosing to leave the firewall enabled, I struggled to get my wife's Win32 box to see the Samba share I set up on the Linux box. Under Network Neighborhood, the Linux box appeared, but when I tried to open it, it would time out saying that it was unable to reach the computer.
It finally occured to me that I had enabled the firewall. The Fedora
GUI for changing the firewall settings had options for only a few
protocols, and NetBIOS/SMB/Samba wasn't one of them. Out of principal,
I wanted to leave my firewall turned on even though I was behind a
Linksys router/firewall. Finally, a Google search
yielded
the clue for which I had been looking. It pointed out that the
command line firewall configuration tool,
redhat-config-securitylevel-tui, was more customizable. Sure
enough, running redhat-config-securitylevel-tui allowed me to choose the
"Customize" option. There I found just one more field than the
GUI: Other ports. After some digging in the Samba documentation,
I figured out that the necessary ports are:
netbios-ns:udp netbios-dgm:udp netbios-ssn:tcp
That's it!
Getting Samba to Work With the Firewall in Fedora Core 2
The Fedora GUI now allows "other" ports to be enabled on the firewall.
In the main menu, choose System Settings -> Security Level. In the Other
ports field, enter:
netbios-ns:udp, netbios-dgm:udp, netbios-ssn:tcp
Getting Samba to Work With the Firewall in Fedora Core 4
SELinux threw yet another twist at me. In System Settings -> Security Level,
I still had to set the Other ports field to:
netbios-ns:udp, netbios-dgm:udp, netbios-ssn:tcp, microsoft-ds:tcp
like I did with FC2. (Note that these days, there is an additional port
used with Samba.) However, I also had to choose the SELinux tab, and modify
the "Samba" SELinux Policy. All I had to do was to check "Allow Samba to
share users home directories". For some reason, this also effected a
non-home directory as well as the home directories (i.e. without it being
checked, I could see the directories, but not open them).