Operating system： CentOS Linux 7.6.1810
Samba 版本 4.8.3

1.Firewalld
firewall-cmd –permanent –add-service=samba
systemctl restart firewalld

 firewall-cmd --list-all
public
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: dhcpv6-client ssh samba

 sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31

• To see all booleans: # getsebool -a

getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_load_libgfapi --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
tmpreaper_use_samba --> off
use_samba_home_dirs --> off
virt_use_samba --> off

2.Windows 無法存取

setsebool -P samba_export_all_ro=1 samba_export_all_rw=1

 setsebool -P samba_export_all_ro=1 samba_export_all_rw=1
[root@dc home]# getsebool -a | grep samba_export
samba_export_all_ro --> on
samba_export_all_rw --> on

systemctl enable smb.service

3.參考文章：

Setting Up Samba and Configure FirewallD and SELinux to Allow File Sharing on Linux/Windows Clients – Part 6