[clug] Re: Bonjour/ZeroConf Advocacy
Alex Satrapa
grail at goldweb.com.au
Fri Nov 21 01:16:48 GMT 2008
On 13/11/2008, at 17:47 , Alex Satrapa wrote:
> Heck, I can launch "JollysFastVNC" on the Mac, select Windows ->
> Server List, and what do you know? There's "alex's remote desktop on
> ubuntu" right there in the service list!
For the true Macophiles (which I am apparently not, having been living
in a cave for far too long), Mac OS X has a built-in VNC server which
is used for Mac OS X's built-in screen sharing.
It turns out I wasn't aware of it because I had misconfigured my
Ubuntu machine's firewall.
I had previously suggested this configuration:
> server_mdns_ports="UDB/5353"
> client_mdns_ports="default"
>
> ...
>
> interface any world
> ...
> server mdns accept
> ...
> client all accept
... it turns out I was mistaken.
What works for me now is this:
> server_mdns_ports="UDP/5353"
> client_mdns_ports="5353"
>
> interface any world src not "$RESERVED_IPS" # [1]
> protection strong
>
> server multicast accept
> server mdns accept
> ...
> client multicast accept
> client mdns accept
And for bonus points, add the following service definition into
Avahi's configuration /etc/avahi/services/samba.service
> <?xml version="1.0" standalone='no'?><!--*-nxml-*-->
> <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
> <service-group>
> <name replace-wildcards="yes">%h</name>
> <service>
> <type>_smb._tcp</type>
> <port>139</port>
> </service>
> <service>
> <type>_device-info._tcp</type>
> <port>0</port>
> <txt-record>model=MacBookPro</txt-record>
> </service>
> </service-group>
Change the "MacBookPro" to something that is more representative of
your computer as required. The following worked for me so far:
- MacBook
- MacBookPro
- RackMac
- Macmini
- PowerBook
... note that all the "_device-info._tcp" service does is change which
icon Finder displays for your service.
Advertising the Samba service through Avahi means that the Mac user
doesn't have to turn on SMB file sharing, which would otherwise be
required in order to start the nmbd service. Turning on SMB file
sharing means storing your password in two places (and thus having to
change it in two places), which some people might want to avoid. I
suspect that Finder expects the SMB file sharing service to be turned
on before it starts displaying services discovered through nmbd (just
starting nmbd manually has no effect on Finder).
Finder mounts remote SMB file systems using smbfs, so it's quite
possible to *use* SMB file servers without running Samba. Without the
Bonjour/ZeroConf advertisment, the usual means to connect to an SMB
share is to use Finder's "Connect To …" option and type the "smb://host/share
" URL - but that's *so* uncool!
Now to see how much breaks when I turn the ipfw firewall on, on the
Mac …
Alex
More information about the linux
mailing list