OK here's the answer:
Remove the much vaunted service-based rule for Samba with this command:
Code:
sudo ufw delete samba
Replace it with port-based rules for the trusted network:
Code:
sudo ufw allow proto udp to any port 137 from 192.168.29.0/24
sudo ufw allow proto udp to any port 138 from 192.168.29.0/24
sudo ufw allow proto tcp to any port 139 from 192.168.29.0/24
sudo ufw allow proto tcp to any port 445 from 192.168.29.0/24
Adjusting the IP mask for individual LANs.
Sadly, the UFW fails on a service-based rule, which is probably a bug. I suppose that UFW is fairly new and is mostly left turned off, so this problem will take some time to be noticed by the bug-fixers. All will come good in time
Bookmarks