I have been trying to set up an ubuntu box (8.04) to provide some network storage for some windows PCs. I am using ufw as a firewall and samba as the file server. There is a router allowing the windows PCs to access the internet, so the idea of the firewall is to stop anyone connecting from outside the local network. The default for ufw is to deny.

The only way I can get it to work is with ufm set up as shown by the status:
$ ufw status
Firewall loaded

To               Action  From
--               ------  ----
Anywhere         ALLOW
I know samba is supposed to use ports 135, 137, 138, 139 and 445.

However if I only open these ports (tcp and udp) I can't connect from the windows PCs. Interestingly I can't see any logging of dropped packets in the syslog (yes, logging is turned on).

I have seen one comment that said you need ports 1024 to 65535 to be open as well. However ufw does not allow you to specify a rage of ports so opening large number of ports is impractical.

Is this the best I can do or do ?

or do I need to learn IP tables

Thanks in advance