[ILUG] NATting windows services...
airlied at csn.ul.ie
Mon Sep 3 13:50:45 IST 2001
You can't in my not so informed opinion do NAT broadcast, I've never seen
my VPN stuff work like that... you want to set up a WINS server if you
want to see stuff in Network Neighbourhood... get with WINS it is the
proper way to do windows naming stuff.. broadcast is a BOS..
On Mon, 3 Sep 2001, John P. Looney wrote:
> On Fri, Aug 31, 2001 at 06:23:39PM +0100, Martin Feeney mentioned:
> > On Fri, 31 Aug 2001 17:57:03 John P. Looney wrote:
> > > Now, if I want to NAT say filesharing etc. - what ports do I need ? What
> > > are the others there for ?
> > Ports 137-139 should be enough. You probably don't even need all three as
> > one of them is probably broadcast only, so won't leave your subnet anyway.
> I still don't see the NATted boxes in "network neighbourhood". Now, if
> the external IP on the NAT box is on my local network, will the broadcast
> be sent through anyway ? Or would I need to be doing proxy arp messing to
> see broadcasts propagated through the NAT box (so, make a network bridge,
> rather than NAT) ?
> > Is any part of this filesharing going to go on over public IP space? If
> > so, are you mad? Excellent way to get rooted (or the win2k version -
> > Administratored, I suppose).
> > If you want to do any NT/Win2k sharing over the internet, you should
> > really look into an encrypted P-t-P tunnel (poptop/pptp, ipsec(freeswan),
> > DIY vpn over ssh, etc.).
> Yeah, yeah. I'll do that later. Well, it's more for customers, really. If
> they really want to do it...and they are told about the risks...
David Airlie, Software Engineer
http://www.skynet.ie/~airlied / airlied at skynet.ie
pam_smb / Linux DecStation / Linux VAX / ILUG person
More information about the ILUG