1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

port forwarding to allow SMB from outside (non-VPN)

Discussion in 'Tomato Firmware' started by luckman212, Jul 28, 2009.

  1. luckman212

    luckman212 LI Guru Member

    I'm aware of the security risks associated with allowing traffic through on ports 137-139 & 445 from outside the firewall. That being said, I am still trying to set up my Tomato 1.25 to forward these ports in the correct way so I can mount specific shares from my iPhone, so I might play video/audio files from my desktop while travelling.

    Does anyone have any help for how to get SMB working from outside? I tried simply forwarding TCP/UDP 137-139, 445 -> my desktop, but it still gets blocked. nothing even showing up in the Tomato logs. Its almost like the kernel is hard-coded to just drop these packets silently. Is that possible?

    I also tried entering them as IPTABLES statements into the 'firewall' section of Admin->Scripts but that didn't work either. :hmm:
  2. rhester72

    rhester72 Network Guru Member

    Do the iptables counts increase? If so, they are being forwarded, but they are *very* likely being blocked by the target machine, which will typically accept SMB packets only from the local LAN subnet.

  3. luckman212

    luckman212 LI Guru Member

    Sorry for my ignorance but how do I check if the counts are increasing? I guess this is done from a telnet session but what is the command? thanks
  4. rhester72

    rhester72 Network Guru Member

    iptables -t nat -L -nv
  5. luckman212

    luckman212 LI Guru Member

    ok thanks, I will give it a try when I get home from work :)
  6. MarioT

    MarioT LI Guru Member

    Another good possibility is that your ISP is blocking those ports for you.
    Mine, (Videotron in Canada) is known to block incoming ports 25,80,137-139,445 plus outgoing 25, so we must use their SMTP relay to send mail.

    A simple check is to run an online port scan from grc.com
  7. Vavo

    Vavo Guest

    I use Miranda IM (instant messanger) with HTTP server plugin that creates web pages by folders...pretty same as allwing directory browsing on any web server. Then with Mplayer I can open the mp3s from outside..it streams them / not downloading full file before play...just by clicking on the file name.

Share This Page