To open access to Samba in IPTables, you must add four rules at once:
sudo iptables -A INPUT -p udp -m udp --dport 137 -j ACCEPT sudo iptables -A INPUT -p udp -m udp --dport 138 -j ACCEPT sudo iptables -A INPUT -p tcp -m tcp --dport 139 -j ACCEPT sudo iptables -A INPUT -p tcp -m tcp --dport 445 -j ACCEPT
To only allow access to a particular network, for example 192.168.1.0/24:
sudo iptables -A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 137 -j ACCEPT sudo iptables -A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 138 -j ACCEPT sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 139 -j ACCEPT sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 445 -j ACCEPT
To remove a rule, we’ll specify the same command, replacing -A with -D, for example:
sudo iptables -D INPUT -s 192.168.1.0/24 -p udp -m udp --dport 137 -j ACCEPT sudo iptables -D INPUT -s 192.168.1.0/24 -p udp -m udp --dport 138 -j ACCEPT sudo iptables -D INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 139 -j ACCEPT sudo iptables -D INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 445 -j ACCEPT
To view the list of rules, use the command:
sudo iptables -nvL
See also my articles:
Configuring IPTables
Installing and Configuring Samba on Linux