mudfish

thanks.that should be the reason why i am not seing the security tabs in my windows box..Im off to configuring SAMBA as a PDC now.Does anybody here have a working samba guide to PDC using Mandriva 2007?Again, thank you Ian.

appreciate your reply but it seems my questions has not been answered. :sad:

hi ian, added security=user in the globals section on my smb.conf but still no luck.i think security=user is the default so i guess it is not a problem. :unsure:

hi all, i have a mandriva 2007 which has samba installed and a share on its reiserfs partition but i cannot seem to get acl support to work. i don't see any security tabs when i browse the share using the root account on my winxp computer.just wanna ask some questions here and much help is appreciated. 1. is acl supported on reiserfs? 2. is the linux kernel on my system(2.6.17-5mdv) supports acl or do i still have to patch it? 3. or do i have to change it to ext3 or xfs filesystem? below is my fsstab entry /dev/hda1 / ext3 defaults 1 1 /dev/hdc1 /home reiserfs notail,noatime,acl 1 2 none /proc proc defaults 0 0 /dev/hdc5 /tmp ext3 defaults 1 2 /dev/hda6 /usr ext3 defaults 1 2 /dev/hda7 /var ext3 defaults 1 2 /dev/hda5 swap swap defaults 0 0 my smb.conf [global] workgroup = HOME server string = samba log level = 3 log file = /var/log/samba/log.%m max log size = 100 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 preferred master = No local master = No wins support = Yes nt acl support = yes [MyShare] comment = A Shared Drive browseable = yes writable = yes guest ok = no path = /home/MyShare need help.

seems mr. google did the job for me.i found this iptable entry: iptables -t nat -A PREROUTING -p tcp --dport 80 -d www.iamnotloading.com -j ACCEPT which works perfectly. :)

yes ian,i have squid setup as transparent proxy caching server.port 443 is block so https is not a problem on my side.

hi all, ive disabled ecn and tcp window scaling is off but still some sites wont show up when it goes to my squid proxy. hopefully someone here would help me for the much needed iptable firewall rule to allow some sites not to pass through squid(i.e direct) hoping someone here would bail me out on this problem as ive been pulling my hair off for days on this one.

found this info on mandriva 2007 errata page and that answers my problem. http://wiki.mandriva.com/en/Releases/Mandr...T_dies_on_login i should have read the errata page before asking here.sorry mods. :wacko: but thanks again ian for the time. B)

no.i am trying to access it from the localhost itself i.e on the same machine that swat and samba is installed on.

hi all. recently installed samba server(3.0.23b) with swat on mandriva 2007 box.everything went smoothly but when i try to access samba via swat on my browser as root it keeps throwing me back to its login prompt eventhough i am 100% sure i entered the correct root password. (i am accessing it on the same machine where samba is installed.)before that ive already edited the swat file on the xinetd.d directory and change the option disable from "yes" to "no" and then run "service xinetd restart" any ideas ?

hi all, its me again.i am trying to setup a samba fileserver in my /home partition using nt-style permissioning(just like windows server 2003).my question is how do i enable acl support on the etc/fstab on my /home partition? :unsure: Joel

thanks for the info..:)

btw i am using mandrake 10.1 :)

hi all, my network is up before my shorewall is started.how can i do the reverse of it?(i,e shorewall first before the ethxx because from what i ve read shorewall should first be the one up and running before the network interfaces should be up when the linux box boots up for added security measure. i would appreciate all your help. :)

one of the linux gurus here in our place set it up using bridge utils? and proxyarp?.man, i dont know that stuff and the configs.he just added one nic to my gateway (i dunno how he set it up but it works..)i am still looking for a much simpler solution than the one he did.btw he remove the router and he connected the adsl modem to eth1,eth0 is the firewall ip and eth2 is the network bridge?!anyway thanks ianw1974 for the help. B)

i havent tried resetting it to the default.when u say start a konsole session and move the kde folder to a new location did u mean using my account or being as root?does it guarantee that it would not alter my network configuration and settings as well as my firewall configuration?if i do that would mcc and all the applications that ive installed would run now?im a bit hesitant doing this as i am on a learning curve and this is the server of our lan so i wanna make sure i can bail out easily if this fails.hope you understand. :mellow:

hello there, ive messep up my kde and after successive retries on bringing it back get paid off.but after i get to the desktop.most of the programs wont run anymore even mcc wont start.my firestarter firewall would say bus error when i tried to launch its gui but when i check its status via console it says it is running.my question is.can i re install kde without reconfiguring my network and other settings?.i am running mandrake 10.1 as a router/gateway on my lan.is there a system restore in linux as there is in windows xp? :unsure: thanks. [moved from Installing Mandriva by spinynorman]

sorry for the late reply ian.it's a linksys router model RT31PN-AN. attach is the pdf manual. rt31p2_ug.pdf

hi.u mean it can be done in my linksys router even it has no 1:1 NAT feature.can you tell me how to do it? :) .i can send to you the pdf manual of my router. :)

i am not that good in networking especially when it comes to linux and. have read bout proxyarp and it seems too difficult for my brain to catch it up.i am looking for a much simpler solution.btw, my linksys model is rt31p2-na and it doesn't support 1:1 NATting. anybody can explain this code to me if this iptable rules really works on the firewall.it says it is 1:1 NATting ## Standard Stuff ## echo 1 > /proc/sys/net/ipv4/ip_forward iptables --table nat -A POSTROUTING -o eth0 -j SNAT --to $NAT_IP ## The 1:1 NAT stuff ## iptables -t nat -A PREROUTING -d $EXTERNAL_IP \ -j DNAT --to-destination $INTERNAL_IP iptables -t nat -A POSTROUTING -s $INTERNAL_IP \ -j SNAT --to-source $EXTERNAL_IP iptables -t nat -A POSTROUTING -s $INTERNAL_NET -d $INTERNAL_IP \ -j SNAT --to-source $NAT_IP Where $NAT_IP is the external IP of your firewall. The last rule is required if you want hosts on your internal net to be able to talk to that external IP as well. have found it at http://www.mybrainhurts.com/blog/2007/07/1...r-firewall.html thanks

heres my network.i have an adsl modem connected to a linksys router.the router is then connected to a mandrake linux box.the linux box shares his internet to my lan(which has a firestarter firewall and squid running) eth1=router eth0=lan now my isp assigned me 6 public ip's.i want to distribute this 6 public ip's inside my lan i.e use their public ip addresses inside my network.it will be used for connecting to a remote vpn server(the vpn server does not accept multiple connections using only 1 ip address).any info on how to do that? or maybe some iptable rules for me to get going?is it possible? :mellow:

hi all ty for the quick and informative replies.it really helps us a lot newbies gain new knowledge from experienced linux users.im a bit new to shorewall as im used to using firestarter with just a few clicks and its done.i am blocking port 25 on the firewall because i am not running a mail server..(am i doing right?i mean closing port 25 does not mean i can no longer check my email account on yahoo right?? greetz goes to scoonma,soulse and paul.

how do you block port 25 on shorewall firewall?

i finally find the solution to my problem after a lot of googling.here's the link if anyone encounters this problem with squid. http://osdir.com/ml/security.firewalls.fir...7/msg00014.html ;)

well, anyone knows a gui firewall that can do what i want with squid?btw, thanks greg2 for informing me about that.