Hey everyone. I am currently migrating from Windows to EndeavourOS on my main machine, but for some reason dolphin is unable to see my shared folders from my Windows laptop when firewalld is active, but I’m able to access them directly both via IP and the .local name. After troubleshooting the issue for a while, I’ve noticed that killing the firewall by running sudo systemctl stop firewalld.service fixes the problem, but I don’t really want to just disable the firewall and call it a day. What do I have to whitelist/do for allowing smb discovery through firewalld?
Do you have mdns open?
Right Click on the Firewall Icon, the choose “Edit firewall Settings”
Change “Configuration” from “Run Time” to “Permanent”
Go down to the “mdms” option, click on it to enable it.
Click on “Options” then “Reload firewall”
Just to be safe, do a reboot and see what happens.
Pudge
just tried it out but dolphin is still unable to see my smb shares
Welcome to the community @Felipe9999 
With respect to @Pudge’s example, the zone illustrated there is public. In your case, you’ll need to make sure you apply the above change to the zone assigned to your network adaptor. Typically, this might be the home zone.
To check, run:
firewall-cmd --get-active-zones
1 Like
@Felipe9999 Try doing the the same as above with “upnp-client”
Here is a description of the pre-defined zones as per this reference
With the least restrictive on top and the most restrictive at the bottom.
Firewalld includes following pre-defined zones based on the level of trust we have on incoming traffic.
| Name | Description |
|---|---|
| Trusted | This zone allows all incoming traffic. On trust scale, it stands on first position. Use this zone to handle the traffic on which you can trust blindly because it filters nothing. |
| Home | This zone is customized for home network. It allows return traffic with following services ssh, mdns, ipp-client, samba-client and dhcpv6-client. |
| Internal | This zone is similar to home zone but it is customized for internal network. It also allows return traffic with following services ssh, mdns, ipp-client, samba-client and dhcpv6-client. |
| Work | This zone is customized for work network. It allows return traffic with following services ssh, ipp-client and dhcpv6-client. |
| Public | This zone is customized for public network. It allows return traffic with following services ssh and dhcpv6-client. This is the default zone unless you change the setting. |
| External | This zone is customized for masquerading. It allows return traffic and ssh service only. |
| Dmz | This zone is customized to limit the access to internal network. It allows return traffic and ssh service only. |
| Block | This zone rejects all incoming traffic with “icmp-host-prohibited” message. It allows only return traffic. On trust scale it stands on second last position. |
| Drop | This zone rejects all incoming traffic without sending any error message. It allows only return traffic. On trust scale it stands on last position. |
Public is the default setting, and is more restrictive than Home. Public would be better for Laptops which are used outside of your home network. Since firewalld is installed and enabled on EnOS, and Public is the default zone, I’m guessing that the vast majority of EnOS installs use the default Public zone.
Home would be fine for desktops that of course never leave the house.
As @Bink pointed out, one can choose what ever zone they think works for them, or you can create your own zone.
Pudge
1 Like
still nothing after allowing upnp-client
This works with the firewall disabled, so there is still something that needs to be opened.
There is “samba” “samba-client” and “samba-dc”. My guess is samba-client, but you can try all three and see if it works. When it’s working, you can disable one thing at a time and see what is really necessary.
Another thing you can check on your EnOS device is make sure both samba and smbclient are installed. Then make sure smb is enabled in systemd
pacman -Q samba
to see if samba is installed
pacman -Q smbclient
to see if smbclient is installed
systemctl status smb
To see if smbclient is enabled, if not enable it.
sudo systemctl enable --now smb
reboot and try again
Pudge
i might have accidentally nuked my entire drive while resizing partitions of my win10/endeavourOS dual boot so I won’t be looking into this in the meantime. thanks for the help anyway