[right]Bonjour,[/right]
j'ai testé entre temps l'accès à mon serveur smb depuis la même machine KVM, mais fonctionnant sur un autre PC physique : la machine virtuelle distante arrive bien à accéder à mon système de fichiers partagé sur ma machine locale
le problème se situe donc bien dans l'accès
local à mon système de fichiers partagés par le système hôte
en suivant vos conseils, j'ai ensuite désactivé le pare-feu
systemctl stop firewalld
et je parviens à accéder au système de fichiers partagés par le système hôte
je rétablis ensuite le pare-feu
systemctl start firewalld
et le problème apparaît à nouveau
qu'est-ce qui a donc pu changer suite à l'upgrade système ?
mon pare-feu est réglé ainsi (pas facile à lire ...)
# iptables -L -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2 128 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED,DNAT
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
4 573 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
4 573 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED,DNAT
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 6 packets, 717 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
6 717 OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_libvirt all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_FedoraWorkstation all -- wlp2s0 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_FedoraWorkstation all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_libvirt all -- * virbr0 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_FedoraWorkstation all -- * wlp2s0 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_FedoraWorkstation all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_FedoraWorkstation (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_FedoraWorkstation_pre all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_FedoraWorkstation_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_FedoraWorkstation_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_FedoraWorkstation_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_FedoraWorkstation_post all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDI_FedoraWorkstation_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_FedoraWorkstation_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_FedoraWorkstation_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_FedoraWorkstation_post (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_FedoraWorkstation_pre (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_libvirt (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_libvirt_pre all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_libvirt_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_libvirt_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_libvirt_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_libvirt_post all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDI_libvirt_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_libvirt_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_libvirt_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_libvirt_post (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_libvirt_pre (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_FedoraWorkstation (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_FedoraWorkstation_pre all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_FedoraWorkstation_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_FedoraWorkstation_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_FedoraWorkstation_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_FedoraWorkstation_post all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDO_FedoraWorkstation_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_FedoraWorkstation_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_FedoraWorkstation_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_FedoraWorkstation_post (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_FedoraWorkstation_pre (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_libvirt (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_libvirt_pre all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_libvirt_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_libvirt_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_libvirt_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_libvirt_post all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDO_libvirt_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_libvirt_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_libvirt_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_libvirt_post (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_libvirt_pre (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 IN_libvirt all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 [goto]
4 573 IN_FedoraWorkstation all -- wlp2s0 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 IN_FedoraWorkstation all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain IN_FedoraWorkstation (2 references)
pkts bytes target prot opt in out source destination
4 573 IN_FedoraWorkstation_pre all -- * * 0.0.0.0/0 0.0.0.0/0
4 573 IN_FedoraWorkstation_log all -- * * 0.0.0.0/0 0.0.0.0/0
4 573 IN_FedoraWorkstation_deny all -- * * 0.0.0.0/0 0.0.0.0/0
4 573 IN_FedoraWorkstation_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IN_FedoraWorkstation_post all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain IN_FedoraWorkstation_allow (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137 ctstate NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138 ctstate NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137 ctstate NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138 ctstate NEW,UNTRACKED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 ctstate NEW,UNTRACKED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 ctstate NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 ctstate NEW,UNTRACKED
1 441 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:1025:65535 ctstate NEW,UNTRACKED
3 132 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1025:65535 ctstate NEW,UNTRACKED
Chain IN_FedoraWorkstation_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_FedoraWorkstation_log (1 references)
pkts bytes target prot opt in out source destination
Chain IN_FedoraWorkstation_post (1 references)
pkts bytes target prot opt in out source destination
Chain IN_FedoraWorkstation_pre (1 references)
pkts bytes target prot opt in out source destination
Chain IN_libvirt (1 references)
pkts bytes target prot opt in out source destination
0 0 IN_libvirt_pre all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IN_libvirt_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IN_libvirt_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IN_libvirt_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 IN_libvirt_post all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain IN_libvirt_allow (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 ctstate NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:547 ctstate NEW,UNTRACKED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 ctstate NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 ctstate NEW,UNTRACKED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:69 ctstate NEW,UNTRACKED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW,UNTRACKED
0 0 ACCEPT icmpv6-- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW,UNTRACKED
Chain IN_libvirt_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_libvirt_log (1 references)
pkts bytes target prot opt in out source destination
Chain IN_libvirt_post (1 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain IN_libvirt_pre (1 references)
pkts bytes target prot opt in out source destination
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination