First off, this is my first forum post and I just wanted to say I LOVE OMV. Thank you to everyone who has made this spectacular, wonderful thing possible. I hope great things happen to you.
THE BACKGROUND
===================
I am trying to set up Firewall Rules to allow the least connectivity to my NAS. Part of it is paranoia, and the other part is I am studying to become a Network Engineer and learning Firewalls is a huge part of that. So don't judge me too hard, please.
THE ISSUE
===================
When I set up a rule with source 0.0.0.0/0 that drops All Input Traffic I can no longer connect with SMB/CIFS from my Windows 11 Devices.
I make sure the rule is at the bottom of my Firewall Rules, and I make sure to allow TCP on 445 for the required IP Addresses.
TROUBLESHOOTING
===================
-Verified 445-TCP is allowed on my Windows 11 Device
-Verified the SMB/CIFS Service is enabled on OMV
-Verified SMB is set to use SMB3 on OMV
-Opened the following ports on OMV:
*137-UDP (NetBIOS)
*138-UDP (NetBIOS)
*139-TCP (NetBIOS)
*445-TCP (SMB3/CIFS)
*487-TCP (SAFT)
-Added a rule to allow the IP address in question to allow all protocols and SMB works (too open for my liking)
-Verified no Outbound rules are set up
I noticed adding the 0.0.0.0/0 Drop Input All also breaks my Notifications, which is a bit weird.
Attaching screenshot just for proof of my work.
Any help would be greatly appreciated!
It's almost as if OMV is using an ephemeral port for SMB connections, or the SMB/CIFS is using another protocol to enforce SMB3 (such as RDMA or the like).
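Added example, not part of the original post: a small first-match model of the inbound ruleset described above (allow TCP 445 from one client, then drop 0.0.0.0/0), showing which packets reach the final drop and how a loopback rule and a connection-state rule placed ahead of it change the result. All addresses, the interface names and the `established` flag (standing in for conntrack state) are constructed assumptions. In this model the client's connection to 445 is accepted either way, so it accounts for the notification symptom, not the SMB one.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    src: str
    proto: str
    dport: int
    established: bool = False   # assumption: what conntrack would report for this flow
    iface: str = "eth0"

@dataclass
class Rule:
    action: str
    src: str = "0.0.0.0/0"
    proto: str = "all"
    dport: Optional[int] = None
    established_only: bool = False
    iface: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        if self.iface is not None and self.iface != p.iface:
            return False
        if self.established_only and not p.established:
            return False
        if self.proto != "all" and self.proto != p.proto:
            return False
        if self.dport is not None and self.dport != p.dport:
            return False
        return ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)

def verdict(rules, packet, policy="ACCEPT"):
    """Return the action of the first matching rule, else the chain policy."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return policy

# Ruleset as described in the post (client address is constructed).
AS_POSTED = [Rule("ACCEPT", src="192.168.1.50/32", proto="tcp", dport=445),
             Rule("DROP")]
# Same rules, preceded by loopback and established-flow accepts.
WITH_STATE = [Rule("ACCEPT", iface="lo"),
              Rule("ACCEPT", established_only=True)] + AS_POSTED

# Constructed sample packets arriving on the NAS.
SMB_SYN = Packet("192.168.1.50", "tcp", 445)                      # client opens SMB
MAIL_REPLY = Packet("203.0.113.25", "tcp", 49152, established=True)  # reply to NAS-initiated SMTP
LOCAL = Packet("127.0.0.1", "tcp", 25, iface="lo")                # local service traffic
STRANGER = Packet("192.168.1.77", "tcp", 445)                     # host not on the allow list
```
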