[Samba] Denied connection for correct conf inside firewall protec tion

Santos Rodrigo-ARS052 ARS052 at motorola.com
Mon Mar 21 12:36:52 GMT 2005 

	I did some tests with test server using Samba 2.2.8a. I received some strange messages in the log file that cannot be with below configuration:
_____________________________________________________________________________
# ../bin/testparm -x -L pscdv001 ../lib/smb.conf | more
Load smb config files from ../lib/smb.conf
Processing section "[DVfcsload]"
Processing section "[rodrigo]"
Processing section "[ipc$]"
Loaded services file OK.
WARNING: You have some share names that are longer than 8 chars
These may give errors while browsing or may not be accessible
to some older clients
Press enter to see a dump of your service definitions
# Global parameters
[global]
        workgroup = MFG4
        netbios aliases = pscdv001
        server string = Samba Server - Desenvolvimento 3
        encrypt passwords = Yes
        null passwords = Yes
        smb passwd file = /etc/smbpasswd
        password level = 8
        username level = 8
        log level = 0
        log file = /var/log/samba/%L/log.%m
        max log size = 50
        deadtime = 4
        socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
        include = /usr/local/samba/lib/smb.conf.pscdv001

[rodrigo]
        comment = My folder
        path = /home/rodrigo
        read only = No
        create mask = 0775
        directory mask = 0775
        hosts allow = 187.10.16.XXX

[ipc$]
        path = /tmp
        hosts allow = 187.10.16.0/23 127.0.0.1
        hosts deny = 0.0.0.0/0
_____________________________________________________________________________

	From my desktop I mapped the SHARE [rodrigo] and I have no problems to access it. Therefore, analysing the logs files, specifically the client log file in the server, I saw some weird messages:

...
[2005/03/15 18:04:18, 0] lib/access.c:check_access(333)
  Denied connection from  (187.10.16.XXX)
...

	The weird thing is that this messages are logged only when I open some file inside the shared directory from samba. Using "windows explorer", I mapped the share inside windows explorer and using on the server the command "tail -f log.client". At the moment of openning file, a tenth of this messages are logged. The IP address showed is the IP of my Desktop and the open file operation is sucedeed without any error messages from windows. See also that in the smb.conf file, on the SHARE [rodrigo] I put a explicit configuration that allow my host 187.10.16.216 to access that SHARE.

	Why these messages are logged ?? What is wrong inside my configuration ?? Is wrong ?

Tks in advance,


Rodrigo José dos Santos
Solvo S.A. 
IT UNIX Administrator Senior (Solaris Specialist) 
Computing Engineer 
Phone: (55) 19 3847 6003 
Fax: (55) 19 3847 6230 
Mobile: (55) 19 8111 8560

More information about the samba mailing list