cat /etc/samba/smb.conf | egrep -v '(^$|^#)'
[global]
workgroup = Workgroup
netbios name = FileServer
server string = FileServer
; wins server = w.x.y.z
dns proxy = no
local master = no
domain master = no
preferred master = no
; name resolve order = lmhosts host wins bcast
; interfaces = 127.0.0.0/8 eth0
; bind interfaces only = yes
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
; domain logons = yes
; logon path = \\%N\profiles\%U
; logon drive = H:
; logon script = logon.cmd
; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
; add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u
; add group script = /usr/sbin/addgroup --force-badname %g
; printing = bsd
; printcap name = /etc/printcap
; printing = cups
; printcap name = cups
; include = /home/samba/etc/smb.conf.%m
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192
; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
; idmap uid = 10000-20000
; idmap gid = 10000-20000
; template shell = /bin/bash
; winbind enum groups = yes
; winbind enum users = yes
; usershare max shares = 100
usershare allow guests = yes
[PublicForAll]
path = /media/documents/share
writable = yes
browseable = yes
public = yes
guest ok = yes
guest only = yes[homes]
comment = Home Directories
browseable = no
valid users = %S
writable = yes
create mask = 0700
directory mask = 0700
; read only = yes
; create mask = 0700
; directory mask = 0700
; valid users = %S
;[netlogon]
; comment = Network Logon Service
; path = /home/samba/netlogon
; guest ok = yes
; read only = yes
;[profiles]
; comment = Users profiles
; path = /home/samba/profiles
; guest ok = no
; browseable = no
; create mask = 0600
; directory mask = 0700
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
guest ok = no
read only = yes
create mask = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
; write list = root, @lpadmin
;[cdrom]
; comment = Samba server's CD-ROM
; read only = yes
; locking = no
; path = /cdrom
; guest ok = yes
; preexec = /bin/mount /cdrom
; postexec = /bin/umount /cdrom
iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x13/0x02 LOG flags 2 level 7
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x13/0x02 reject-with icmp-port-unreachable
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 3389,3390,137,138,22
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443,8080
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 80,443,8080
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22,23,5938,9997
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 22,23,5938,9997
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,110,143,465,585,993,995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 25,110,143,465,585,993,995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 1080,8081,8088,8888
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 1080,8081,8088,8888
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 20013,20014,20018,32801:32825
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 20013,20014,20018,32801:32825
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 55550:55555
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 55550:55555
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 55550:55555
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 55550:55555
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 3389,3390,137,138,22
netstat-ntl|egrep'(139|445)'
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN