Disable DNS lookups by Samba
Pieter Grimmerink
p.grimmerink at home.nl
Mon Jun 19 14:18:54 GMT 2000
Does anyone know what to do to prevent samba from performing DNS lookups for
users?
Let me give an example;
A windows client does not have access to a DNS,
but it is using the WINS service provided by a samba
server.
When a user at this client pings a hostname, the windows
client tries to resolve this hostname via the windows
nameresolving stuff.
This results in the samba server consulting the DNS,
and returning the corresponding IP tot the windows client.
If the hostname is nonlocal, and the LAN uses a dial on
demand setup, the DNS will contact an outside DNS, and causes
the dialup connection to start.
You can't forbid the connection to be started, since it's the
sambaserver that queries the DNS, not the client.
The setting 'name resolve order' does not seem to have effect
in this situation, since it is only used in the client side of
samba, not in the netbios nameserver side. (at least it does not
prevent dns lookups when only wins is specified as resolve method)
I thought of rejecting the traffic between samba and the DNS, but
samba does not use a fixed output port for its queries.
Does anyone have ideas about this?
(I'm using samba-tng 2.5.3, but I don't think the branch / version really
matters for this issue)
Best regards,
Pieter
More information about the samba-ntdom
mailing list