netbios over tcp/ip on samba

Tony tony at csi.com.br
Tue Jan 15 09:10:12 GMT 2002


christopher,

just correcting one thing that i said :
"i need to communicate one program (running on DOS (not on windows) - i already have
this running ok) to another one running in linux using netbios (datagram) over
tcp/ip."

could the samba help us in this case ?
i'm trying to understand better what you said about the scenario that would work.
in other words, how do i :
- do a name registration request on samba ?
- make an application receive messages from samba ? (must the application listen to a
specific port ?)
- what port should i use to communicate with samba ?

thanks again.
tony
-----------------

"Christopher R. Hertel" wrote:

> > Pranay wrote:
> > >
> > > Hi,
> > >     I think ur right. just tell me one thing, what I'm thinking is in Linux u
> > > can login through different terminals right...??? suppose say I logged in to
> > > one Linux machine using my username...another person came & he logged in using
> > > his user name. so at a time there r two terminals r opened rt...??? now lets
> > > come to the point...if say person X wants to send message to me & he sends
> > > message from Windows machine using net send (its just a logic i'm thinking
> > > about), then that message is supposed to reach @ my terminal rt...??? now
> > > there's only one Linux machine sharing same NetBIOS name. if that message sent
> > > successfully then it must get appeared on all opened terminals...is it
> > > correct...??? & the person want to send that message to me only...!!!
> > >
> > >     Is there any solution for this...scenario...??? & if yes Please let me
> > > know it.
> >
> > Samba does not advertise who is logged in on a box via netbios.  As such
> > you could not do a net send with a username.  Samba uses whatever
> > program you define in your smb.conf to inform you of an incoming
> > message.  If you don't set it up, I think it just drops it on the floor.
>
> Right.  *Samba* does not register names such as user names.
>
> Keep the design of the NetBIOS system in mind as you think of this, however.
>
> In TCP/IP, an address represents an interface and a port number
> represents a communications endpoint: an application or service.
>
> NetBIOS names are analogous to the combination of *both*.
>
> So, here's the scenario that would work (please note that I am *not*
> saying this is something we should do with Samba...It's just that this is
> how it would work if we *did* try to support NetBIOS communications):
>
>   - The user would run a local application, under their own username, that
>     would talk to Samba (via a Unix Domain Socket or other IPC).
>
>   - The user application would register a NetBIOS name by sending the
>     name to Samba.  The application would also specify whether it wanted
>     to send/receive datagrams or open a session (that is, port 138/UDP or
>     port 139/TCP).
>
>   - Whenever the application wanted to send a message, it would pass that
>     message to Samba.  Samba would add an NBT header and send the message.
>     Any messages arriving for the registered name would have their NBT
>     header stripped off and passed to the waiting application.
>
> Thus: User-level NetBIOS Domain Sockets.  :)
>
> Of course, if such a thing were to be done we would probably introduce the
> NBTD that I've ranted about (a long time ago, before all the other stuff
> that has floated across the list lately).
>
> I've thought about this a lot.  Mostly because it's the way things were
> intended to work in the RFCs.  There are a lot of good reasons to do
> things in non-RFC ways... it's just that I've been studying the RFCs.  :)
>
> Some folks have pointed out that this has some security problems.  Most
> notably that it gives normal users access to privileged ports (137/UDP,
> 138/UDP, and 139/TCP).  That's true, but only partly.  The NBT layer
> itself limits what one can do with those ports and it would be best if the
> NBTD were to do some triage.  The design above really only provides access
> to the virtual NetBIOS LAN.
>
> That said, there are also other ways to do this.  I suggested earlier
> that Samba could offer a generic IPC service which could be configured by
> the system administrator and would work something like an inetd.
>
> I know that a lot of similar ideas have been floated recently.  I have
> been thinking about the stuff presented here for a long time and, once
> again, I'm not planning on changing Samba to do this (not yet, and not
> without a lot of discussion and buy-in).  It's worth thinking about how
> and why one might do these things.  I *am* working (slowly) on separate
> code to test these designs.
>
> Chris -)-----
>
> --
> Christopher R. Hertel -)-----                   University of Minnesota
> crh at nts.umn.edu              Networking and Telecommunications Services
>
>     Ideals are like stars; you will not succeed in touching them
>     with your hands...you choose them as your guides, and following
>     them you will reach your destiny.  --Carl Schultz
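
Added example (not part of either message and not Samba code): the "add an NBT header" and "header stripped off" steps from the scenario above, written in Python from the RFC 1002 datagram layout, with the length and name checks a daemon would apply before handing data to a local application. The function names and the `registered` set are hypothetical; only unfragmented DIRECT_UNIQUE datagrams with an empty scope are handled.

```python
import socket
import struct

# RFC 1002 datagram header: MSG_TYPE, FLAGS, DGM_ID, SOURCE_IP, SOURCE_PORT,
# DGM_LENGTH, PACKET_OFFSET (14 bytes); the two encoded names follow it.
HEADER = struct.Struct("!BBH4sHHH")
DIRECT_UNIQUE, FLAG_FIRST, FLAG_MORE = 0x10, 0x02, 0x01
NAME_LEN = 34  # length byte + 32 encoded bytes + empty-scope terminator

def encode_name(name, suffix=0x00):
    """First-level encode a NetBIOS name (empty scope) for the wire."""
    raw = name.upper().encode("ascii")
    if not 0 < len(raw) <= 15:
        raise ValueError("NetBIOS names are 1 to 15 bytes plus a suffix byte")
    padded = raw.ljust(15, b" ") + bytes([suffix])
    nibbles = bytes(0x41 + n for b in padded for n in (b >> 4, b & 0x0F))
    return b"\x20" + nibbles + b"\x00"

def decode_name(wire):
    """Reverse encode_name, rejecting anything that is not a plain 34-byte name."""
    if len(wire) != NAME_LEN or wire[0] != 0x20 or wire[-1] != 0x00:
        raise ValueError("not an unscoped NetBIOS name")
    enc = wire[1:33]
    if any(not 0x41 <= c <= 0x50 for c in enc):
        raise ValueError("encoded name byte outside 'A'..'P'")
    raw = bytes((enc[i] - 0x41) << 4 | (enc[i + 1] - 0x41) for i in range(0, 32, 2))
    return raw[:15].rstrip(b" ").decode("ascii"), raw[15]

def wrap(src, dst, payload, src_ip, dgm_id):
    """Daemon side of 'send': prepend the NBT header to an application message."""
    body = encode_name(src) + encode_name(dst) + payload
    return HEADER.pack(DIRECT_UNIQUE, FLAG_FIRST, dgm_id,
                       socket.inet_aton(src_ip), 138, len(body), 0) + body

def unwrap(packet, registered):
    """Daemon side of 'receive': validate, strip the header, check the name."""
    if len(packet) < HEADER.size + 2 * NAME_LEN:
        raise ValueError("truncated NBT datagram")
    msg_type, flags, _, _, _, length, offset = HEADER.unpack_from(packet)
    if msg_type != DIRECT_UNIQUE or flags & FLAG_MORE or offset:
        raise ValueError("only unfragmented DIRECT_UNIQUE datagrams are handled")
    if length != len(packet) - HEADER.size:  # DGM_LENGTH excludes the header
        raise ValueError("DGM_LENGTH disagrees with the packet size")
    names_end = HEADER.size + 2 * NAME_LEN
    src, _ = decode_name(packet[HEADER.size:HEADER.size + NAME_LEN])
    dst, _ = decode_name(packet[HEADER.size + NAME_LEN:names_end])
    if dst not in registered:  # deliver only to names a local app registered
        raise LookupError("no local application registered " + dst)
    return src, dst, packet[names_end:]
```

The packet returned by `wrap` is what would be sent to port 138/UDP; `unwrap` refuses anything whose declared length, name encoding or destination name does not check out.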




