Methinks this is back to front (or an undocumented alternative syntax)...
Originally Posted by k23
The right rule is this:
Code:
sudo ufw allow from any app Samba to "yourlinuxboxIP"
From the man page...
Users can specify one of the applications names when adding rules. For
example, when using the simple syntax, users can use:
ufw allow <name>
Or for the extended syntax:
ufw allow from 192.168.0.0/16 to any app <name>
You should not specify the protocol with either syntax, and with the
extended syntax, use app in place of the port clause.
This worked for me
Code:
sudo ufw allow from 192.168.1.0/24 to any app samba
sudo ufw allow from 192.168.1.0/24 to any app cups
So just to check...
Code:
sudo ufw status verbose
Status: active
Logging: off
Default: deny (incoming), allow (outgoing)
New profiles: skip
To                         Action      From
--                         ------      ----
137,138/udp (Samba)        ALLOW IN    192.168.1.0/24
139,445/tcp (Samba)        ALLOW IN    192.168.1.0/24
631 (CUPS)                 ALLOW IN    192.168.1.0/24
I'd be interested in any other comments as I have found UFW to be a little quirky, especially...
Re: the logging (rather the lack of it) mentioned by kamaji792 in the original post.
I have found a couple of errors in the man page.
log-all, mentioned briefly in the man page, does nothing
The syntax for setting the log level seems not to work, except for the default level of low.
Code:
sudo ufw logging off
Again just checking
Code:
sudo ufw status verbose
Status: active
Logging: off
....
Try to turn on logging and set the log level in one command:
Code:
sudo ufw logging on high
Checking
Code:
sudo ufw status verbose
Status: active
Logging: on (low)
I found I could only set the log level to higher than low with 2 commands.
First turn logging on
Code:
sudo ufw logging on
Then set a higher level
Code:
sudo ufw logging medium
While I'm here, I might mention the other inconsistency I came across in the use of the pre-defined application rules for SAMBA.
The SAMBA manual clearly states these ports are used by SAMBA (smbd & nmbd), as referenced by kamaji792 in this post: Firewall & ports
Port 135/TCP - used by smbd
Port 137/UDP - used by nmbd
Port 138/UDP - used by nmbd
Port 139/TCP - used by smbd
Port 445/TCP - used by smbd
Yet the Samba application rule omits port 135, which, BTW, is the Microsoft Remote Procedure Call (RPC) service.
Code:
sudo ufw app info Samba
Profile: Samba
Title: LanManager-like file and printer server for Unix
Description: The Samba software suite is a collection of programs that
implements the SMB/CIFS protocol for unix systems, allowing you to serve
files and printers to Windows, NT, OS/2 and DOS clients. This protocol is
sometimes also referred to as the LanManager or NetBIOS protocol.
Ports:
137,138/udp
139,445/tcp
More info from Gibson Research Corporation:
Name: dcom-scm
Purpose: DCOM Service Control Manager
Description: Microsoft's DCOM (Distributed, i.e. networked, COM) Service Control Manager (also known as the RPC Endpoint Mapper) uses this port in a manner similar to SUN's UNIX use of port 111. The SCM server running on the user's computer opens port 135 and listens for incoming requests from clients wishing to locate the ports where DCOM services can be found on that machine.
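Added example (my own script, not from the post or from the ufw project): since the two surprises above are both things you only notice by reading `ufw status verbose` and `ufw app info` by eye, here is a small parser for those two outputs that turns the check into something you can run after applying rules. It assumes ufw's real column layout (two or more spaces between the To / Action / From columns, which the forum software collapsed above) and uses the post's own output as constructed sample input. It reports whether logging really came up at the level you asked for, and which of the ports the post quotes from the Samba manual have no matching ALLOW rule (port 135/tcp, in the post's case).

```python
import re

# Constructed sample: the `ufw status verbose` output quoted in the post, with
# ufw's real column spacing (two or more spaces between columns) restored.
SAMPLE_STATUS = """\
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To                         Action      From
--                         ------      ----
137,138/udp (Samba)        ALLOW IN    192.168.1.0/24
139,445/tcp (Samba)        ALLOW IN    192.168.1.0/24
631 (CUPS)                 ALLOW IN    192.168.1.0/24
"""

# Constructed sample: the relevant lines of `ufw app info Samba` from the post.
SAMPLE_APP_INFO = """\
Profile: Samba
Title: LanManager-like file and printer server for Unix
Ports:
  137,138/udp
  139,445/tcp
"""

# The ports the post quotes from the Samba manual, as "port/proto" strings.
SAMBA_MANUAL_PORTS = ["135/tcp", "137/udp", "138/udp", "139/tcp", "445/tcp"]

LOGGING_RE = re.compile(r"^Logging:\s+(on|off)(?:\s+\((\w+)\))?\s*$")
# One rule row: "To" (optionally tagged "(App)"), action plus optional direction, "From".
RULE_RE = re.compile(
    r"^(?P<to>\S.*?)\s{2,}(?P<action>ALLOW|DENY|REJECT|LIMIT)"
    r"(?:\s(?P<dir>IN|OUT|FWD))?\s{2,}(?P<from>\S.*?)\s*$")
TO_RE = re.compile(r"^(?P<spec>\S+)(?:\s+\((?P<app>[^)]+)\))?$")


def expand_ports(spec):
    """Expand '137,138/udp', '631' or '6000:6002/tcp' into a set of 'port/proto'
    strings ('any' when no protocol is given); non-numeric specs give an empty set."""
    ports_part, _, proto = spec.partition("/")
    proto = proto or "any"
    result = set()
    for piece in ports_part.split(","):
        if not piece[:1].isdigit():
            return set()
        lo, _, hi = piece.partition(":")
        for port in range(int(lo), int(hi or lo) + 1):
            result.add(f"{port}/{proto}")
    return result


def parse_status(text):
    """Parse `ufw status verbose` into status, logging (enabled, level) and rule rows."""
    info = {"status": None, "logging": (False, None), "rules": []}
    for line in text.splitlines():
        if line.startswith("Status:"):
            info["status"] = line.split(":", 1)[1].strip()
        elif m := LOGGING_RE.match(line):
            info["logging"] = (m.group(1) == "on", m.group(2))
        elif (m := RULE_RE.match(line)) and (to := TO_RE.match(m.group("to"))):
            info["rules"].append({
                "ports": expand_ports(to.group("spec")),
                "app": to.group("app"),
                "action": m.group("action"),
                "direction": m.group("dir") or "IN",
                "from": m.group("from"),
            })
    return info


def parse_app_info(text):
    """Parse `ufw app info <name>` into (profile, set of 'port/proto')."""
    profile, ports, in_ports = None, set(), False
    for line in text.splitlines():
        if line.startswith("Profile:"):
            profile = line.split(":", 1)[1].strip()
        elif line.startswith("Ports:"):
            in_ports = True
        elif in_ports and line.strip():
            ports |= expand_ports(line.strip())
    return profile, ports


def allowed_ports(status, app, source):
    """Ports allowed inbound from `source` by the rules tagged with profile `app`."""
    return set().union(*(r["ports"] for r in status["rules"]
                         if r["app"] == app and r["action"] == "ALLOW"
                         and r["direction"] == "IN" and r["from"] == source))


def uncovered_ports(expected, status, app, source):
    """Ports in `expected` that no matching ALLOW rule covers, lowest port first."""
    missing = set(expected) - allowed_ports(status, app, source)
    return sorted(missing, key=lambda s: int(s.split("/")[0]))


def logging_is(status, enabled, level):
    """True when the parsed status reports exactly the logging state and level wanted."""
    return status["logging"] == (enabled, level)


if __name__ == "__main__":
    status = parse_status(SAMPLE_STATUS)
    profile, profile_ports = parse_app_info(SAMPLE_APP_INFO)
    print("logging on at level high:", logging_is(status, True, "high"))  # False: level stayed low
    print(profile, "profile ports:", sorted(profile_ports))
    print("manual ports with no rule:",
          uncovered_ports(SAMBA_MANUAL_PORTS, status, "Samba", "192.168.1.0/24"))
```

On a real box you would feed it `subprocess.run(["ufw", "status", "verbose"], capture_output=True, text=True).stdout` instead of the constructed sample. Whether 135/tcp should actually be opened is a separate question from what the parser reports: an empty `uncovered_ports` list only tells you the rules match the port list you gave it, so keep that list to what your Samba configuration really listens on.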