Filesharing over ports 445 and 139

Lns 2.0.7, Phant0m rules 008.5r1, WinXP-SP3.
Under 008.4 I had to make me rules for filesharing to supplement P-rules for WinF&P sharing. No problems. It worked fine.
But since I've just started clean LnS, and with a better Advanced options list, I wanted to see which, if any, of my port 139 and 445 rules really must be in for the LAN.
It appears that I still have to drag them in, what do you think?

Details: Each computer has mapped drives to another, both by computer name and by IP. Both set to reconnect at logon.
Both computers' TCP/IP properties permit NetBIOS over wired connections.
This log is from the moment the other computer (.63) booted. All TCP incoming packets have an "S" flag on them.


Packets 17-34 are during the other box booting, where packets 21-28 are netbios broadcasts from .63 to 192.168.54.255.
Packets 40-45 are when I want to connect from the other computer to me and Windows says that error occured while reconnecting to \\myIP\directory or for \\compName\directory it says No network found.

I have no problem connecting out and using the specified directories on .63.

It's not terribly important, but I thought I'd ask anyway.

Edit @7:30pm
In several firewalls I used, I always included ports 135,137-139,445 for LAN sharing since M$ played with NetBIOS and its 445 replacement (maybe). Might that be included in the P-rules as well, by default? Or is it a security issue of some sort.

 

Hi act8192,

Try the update.

 

Sounds great to be able to eliminate 2 rules, thanks
But, I'm having problem installing

.zip md5 matches so I don't know what to check to make it work.

 

Never mind. It installed. It turns out I had to reenter serial even though it was prefilled on the dialog.

 

I think we're looking good, thanks Phant0m

I pasted in view from the other box in the bottom corner.
I assume incoming is permitted only for my LAN in the details of the new Win F&P... rules, correct?

 

Regarding ‘-Microsoft-DS’ rule blocking of the wanted LAN sharing, this rule was a newer addition to block silently Microsoft-DS traffic coming from the web. However it was using ‘IP : Address’ criteria ‘In Range’ or ‘Mask’ (depending on ForceConfig.ini Network settings) instead of ‘Out range’ and ‘Not Mask’ on LAN Microsoft-DS packets. The ‘Win.F&P Sharing_Microsoft-DS*’ was for accepting the wanted LAN Microsoft-DS packets, but these packets was stopped first by ‘-Microsoft-DS’.

If the saved serial was wrong, you wouldn’t get to the next screen where it retrieves information, ‘? Failure to save Ruleset file.’ was likely from the file being temporarily locked.


I released a revised version.

 

Phantom, I'm glad you're around again. A bit of setback here. While the Windows computer could connect to my share, the linux mint computer could not until I brought back one of my rules. Might be the high ports they're coming from. All these packets are just Synch flag.

 

You didn't get the update did you?

 

oops, you mean from post#6? no, 'cause I just logged in probably seconds after you did. I saw the sentence and thought it might still refer to 008.6. But basically was trying to carefully read and understand your story about M$-DS. I'll report back tomorrow after the new release.

edit: but if there was the block as you described, why did it work with the windows computer connecting to me?

edit2: wont' this be the same story then with -TCP block incoming followed by TCP allow out

 

If you in reference to the Build 008.6, because there was a fix.

 

Using 008.6r1 - as before in post#7, for some reason we're blocking the linux computer incoming connection attempts.
Phant0m, if you've ran out of patience with me, just say it, 'cause I can import my previous 139,445 incoming rule and be done with it

 

That is probably linked to using Look ‘n’ Stop ‘Local In’ criteria for dynamic ports, can you go into a standard rule that shows ‘Local In’ port range and see if the blocked packets are outside this range?

 

I think your PC that Look 'n' Stop is installed on is using dynamic range 1024-5000, Linux using wider dynamic range

 

I know they come in from high numbered ports.
Which rule should I look at, please

edit: TCP authorize communication has no port restriction on the remote

 

View the rule 'Win.Remote Desktop Connection'

 

I just added, again, my rule and linux box connected smiling
View attachment 229281

Remote desktop does seem to have local port restrictions
View attachment 229282

 

heh u done it wrong ... regarding attaching files in specific places on a post.

 

Export the rule 'Win.F&P Sharing_Microsoft-DS, HTTP, NetBIOS-s' and send it and I will remove the port range or widen the range to your specifications (if you know highest dynamic port ever used).

 

yah, I know I messed up the attachments

 

ok, will export and email

 

e-mail responded.

 

And done well

it now works sharing my files by the linux box and my computer continues to see the linux share. Thank you for the speedy job

 

You are certainly welcome act8191.

 

Phant0m rules 008.8 contain the old, unmodified, Win. F&P sharing rule. Whether by design or not, I don't know.
I had to import the new, good, rule into the 008.8 setup. I mention this because Windows7 or Vista users might need this rule with the remote ports range changed.
One potential problem - When Phant0m worked on it, I suggested ports range above 40000 (thinking of 49152 ), but saw the other day something in the 39 thousand range. I don't really know what the "normal" range for linux is, but it's worth keeping in mind that some further adjustment might be needed.