---
date: 2019-10-31T12:38:55+02:00
description: "Exemple de règles pour gérer les connexions du service SMB avec le parefeu Packet-Filter (PF)"
draft: false
tags: ['firewall','PF','Packet-Filter','SMB','astuce']
title: "PF accepte de gèrer les connexions du service Samba"
---

## Description

Voici les règles PF nécessaires : 

⇒ macros

`smb_ports_tcp = "{ 135 137 139 445 }"` <br>
`smb_ports_udp = "{ 135 137 138 445 }"` <br>

⇒ samba in

`pass in quick on egress proto tcp from egress:network to egress port $smb_ports_tcp flags S/SA modulate state` <br>
`pass in quick on egress proto udp from egress:network to egress port $smb_ports_udp allow-opts` <br>

⇒ samba out

`pass out on egress proto tcp from egress to egress:network port $smb_ports_tcp flags S/SA modulate state` <br>
`pass out on egress proto udp from egress to egress:network port $smb_ports_udp allow-opts` <br>

---