[Samba] listenning on interfaces

Jean LEE jean_lee_3 at hotmail.com
Tue Jun 15 14:02:25 GMT 2004 

Hi,

Thanks for your answer. I'm surprised.
There's no way in smb.conf to tell : "I don't want that nmbd listens on
0.0.0.0/0" ?

Regards,

Jean

----- Original Message ----- 
From: "Thomas Werner" <werner at esmt.org>
To: "Jean LEE" <jean_lee_3 at hotmail.com>; <samba at lists.samba.org>
Sent: Tuesday, June 15, 2004 11:00 AM
Subject: Re: [Samba] listenning on interfaces


> maybe iptables? but dont forget to open some ports for the clients:
>
> 111.tcp
> 137.udp
> 138.udp
> 139.tcp
> 22.tcp
> 2222.udp
> 445.tcp
> 631.tcp
> 67.udp
> 80.tcp
> and maybe 88.tcp for ads
>
> for example on a share connect. the xp clients look for a webserver on 80
to
> show the folder/drive content, the same for port 2222. if you drop the
> packets, the home drive is slow, because the client timed out and get no
> answer for special kind of service/feature.
>
> cheers tom
>
> On 15.06.2004 10:11 Uhr, "Jean LEE" <jean_lee_3 at hotmail.com> wrote:
>
> > Hello,
> >
> > I am new to samba and i would to well secure it.
> >
> > In smb.conf, I entered the following lines :
> >
> > hosts allow = 192.168.0.2 127.0.0.1
> > hosts deny = 0.0.0.0/0
> > bind interfaces only = yes
> > interfaces = eth0 lo
> >
> > I thought that it would only listens on the local machine and my
internal Lan
> > (which is on eth0 192.168.0.1) but nmbd seems to always listen on
UDP/137 and
> > UDP/138 (netbios-ns and netbios-dgm) on 0.0.0.0/0. Here is the output of
> > netstat :
> >
> > [root at ServeurLinux user]# netstat -taup
> > Active Internet connections (servers and established)
> > Proto Recv-Q Send-Q Local Address                     Foreign Address
> > State     PID/Program name
> > tcp     0             0         192.168.0.1:netbios-ssn         *:*
> > LISTEN     3800/smbd
> > tcp     0             0         ServeurLinu:netbios-ssn         *:*
> > LISTEN     3800/smbd
> > tcp     0             0        ServeurLinux:ipp                    *:*
> > LISTEN     3707/cupsd
> > tcp     0             0         192.168.0.:microsoft-ds         *:*
> > LISTEN     3800/smbd
> > tcp     0             0         ServeurLin:microsoft-ds         *:*
> > LISTEN     3800/smbd
> > udp     0             0        192.168.0.1:netbios-ns         *:*
> > 3804/nmbd
> > udp     0             0        *:netbios-ns                         *:*
> > 3804/nmbd
> > udp     0             0         192.168.0.1:netbios-dgm     *:*
> > 3804/nmbd
> > udp     0             0         *:netbios-dgm
*:*
> > 3804/nmbd
> >
> >
> > What is netbios-ns and netbios-dgm? I would prefer that nmbd doesn't
listen on
> > *:netbios-ns and *:netbios-dgm because I will connect my server to the
> > internet through eth1 10.0.0.1. How can I do it?
> >
> > Thanks for any help.
> >
> > Jean Lee.
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >
>
> Dipl. Betriebswirt(BA) f. Inf. Thomas Werner
> Webmaster / Network Administrator
> ESMT European School of Management and Technology GmbH
> Schlossplatz 1
> D-10178 Berlin
> Germany
>
> Tel: +49 (0)30 21231 - 1085
> Fax: +49 (0)30 21231 - 9
> E-mail: werner at esmt.org
> Web: http://www.esmt.org
>
>
>

More information about the samba mailing list