smbclient using all interfaces

Christopher R. Hertel crh at nts.umn.edu
Mon Feb 15 23:38:44 GMT 1999 

Try dropping only 139.  The -L option (if I remember correctly) connects 
to port 139 on the remote end.  If it *does* work, then the problem was 
name resolution packets not getting through.

This is quite a busy config, what with the vLANS and all.

Chris -)-----

> 
> On Tue, 16 Feb 1999, Christopher R. Hertel wrote:
> 
> > > I'm confused.
> > 
> > As are we all.
> 
> At least I am in good company!  :-)
>  
> > > I have the following lines in my smb.conf file (2.0.2, btw):
> > > 
> > > interfaces = 206.76.17.2/255.255.255.0 206.76.20.2/255.255.255.0 \
> > >              206.76.21.2/255.255.255.0 206.76.22.2/255.255.255.0
> > > bind interfaces only = Yes
> > > 
> > > The system also have an additional interface of 206.76.16.67/28.  If I
> > > block TCP/UDP ports 137-139 on my router and then try to do
> > 
> > Can you send the filter?  I assume you're blocking 137-139 for the 
> > 206.76.16.67/28 subnet only, yes?
> 
> The router in question is a BayNetworks ASN with 5 ethernet interfaces.
> Unfortunately, there is no easy way to send you the filter, but basically,
> the way the management software works is, you create a filter template and
> then apply it to each interface.  My template was (in essense):
> 
> UDP_OR_TCP PORT 137-139, DROP ALL
> 
> which was then applied ONLY to the ethernet interface on that subnet.
>  
> > I guess I'd like to know more about your filters, and the IP address of
> > "another_host".  smbclient will open a high-numbered port to query the
> > remote server, and replies will return from port 139 on that server to the
> > high-numbered port.
> > 
> > ..I'm probably just missing something.
> 
> Or, I didn't give enough information in the first place.  Here is some
> more "interesting" items.
> 
> The remote host in question is called ATC-SRV and its IP address is
> 204.158.19.5 and 204.158.18.5.  Here's the interesting part... when I do a
> traceroute to that machine, the traceroute goes out the port which is
> being filtered, even though there is a more direct route!  See:
> 
> twinders> traceroute atc-srv
> traceroute to atc-srv19.spc.cc.tx.us (204.158.19.5), 30 hops max, 40 byte
> packets
>  1  asn-e141 (206.76.16.66)  2 ms  2 ms  1 ms
>  2  arn (206.76.17.4)  4 ms  5 ms  3 ms
>  3  atcrtr (206.76.16.34)  28 ms  28 ms  11 ms
>  4  atc-srv19 (204.158.19.5)  12 ms  11 ms  20 ms
> 
> If you look above, the machine in question has an interface with IP
> 206.76.17.2, so it should skip the other interface, no?  This is on a
> Digital Unix machine and the /etc/routes has a single entry as:
> 
> default 206.76.17.1
> 
> (which is one of the 5 interfaces on the router that has the filter
> applied).
> 
> One "odd" piece of the configuration is this:  all the interfaces that
> samba has bound are actually different elans on a single ATM card.  The
> other card is an ethernet card.  I don't know if the OS is shoving the
> packets out the ethernet by default or what.  But, I would think samba
> (and its utils) would ignore that interface with the smb.conf parameters
> listed above.
> 
> I can give more information if you want.  Just let me know what you are
> looking for!  Thanks for the help...
> 
> === Tim
> 
> ---------------------------------------------------------------------
> |  Tim Winders, CNE, MCSE     |  Email:  Tim.Winders at SPC.cc.tx.us   |
> |  Network Administrator      |  Phone:  806-894-9611 x 2369        |
> |  South Plains College       |  Fax:    806-897-4711               |
> |  Levelland, TX  79336       |                                     |
> ---------------------------------------------------------------------
> 
> 


-- 
Christopher R. Hertel -)-----                   University of Minnesota
crh at nts.umn.edu              Networking and Telecommunications Services

More information about the samba-technical mailing list