dyn netbios/ip map (right one)

michelegonella at libero.it michelegonella at libero.it
Sat Oct 25 21:53:19 GMT 2003

Sorry for my previous dump post ;-)
Thanks Chris,
my problem is having an updated map of ip addresses of each host within the LAN
because linux kernel ip stuff(iptables, ip command) deal with ip addresses
 whereas  in dhcp based networks host/ip binding has to be considered dynamic.
Thus identifying hosts by their netbios name is the best way of profiling the
access to net resources (allowed ports, traffic bandwidth etc.).
The environment must be as generic as possible; I played a little with nmblookup
which works perfectly in a wild all broadcast network, and maybe also in
a more complex subnetted wins served environment except for the traffic you 
generate depending on how often you poll clients, at the moment I  do one broadcast
to know the addresses and one unicast for each host to know the name.  
Nmbd came to my mind when I saw the log file and had a look at the source code,
because I noticed that broadcast name requests are mapped in nmbd memory.
So I thought that the job of knowing all clients addresses was already accomplished
by nmbd and that there was no need of flooding the LAN with query/answers packets
because I could have the netbios/ip pairs readily on my host just by running
nmbd (my
best compliments to developers for how the code is clear and well commented).
I did some tests using nmbd as wins server, and used the wins hook capability,
but some
problems arose;  samba wins can't get browse lists from MS wins servers (I
didn't test it
but I read it in the O'Really book) so using a client is the only solution for
subnetted nets and 
also wins hook doesn't work with  broadcasts; also wins.dat gives infos just
about the clients
who use nmbd as their own wins server.
That's why I'm stuck at the moment; my guess is that in nmbd's memory there is
an updated 
map of all clients in all subnets whichever MS-hybrid  name resolution method
they use.
But  I am not sure about that and also I think samba developers have faced the
problem of
this passive/active discovery so many times....
If necessary I I can think of patching nmbd to dump the cliets map but it can be
hard and
maybe there is just asigle hacking point to get the best result.

thanks again(also for the link which is great)


---------- Initial Header -----------

From      : crh at ubiqx.mn.org
To          : "michelegonella at libero.it" michelegonella at libero.it
Cc          : "samba-technical" samba-technical at lists.samba.org
Date      : Sat, 25 Oct 2003 11:26:31 -0500
Subject : Re: dyn netbios/ip map

> "michelegonella at libero.it" wrote:
> > 
> > Hi,
> > I need to write a daemon app to be run on a internet gateway
> > in order to set/unset iptables and traffic shaping rules based
> > on netbios names; after reading documentation and browsing
> > the the samba source code I am thinking of running just nmbd
> > on the gateway and from it to gather the informations needed.
> > The service should be designed to work in "almost any" windows
> > network architecture with mixed workgroups/domains and the
> > internal LAN could be subnetted.
> > What I want to ask is the easiest way of gathering a list of
> > netbios/ip_addr pairs relative to all the machines within the LAN
> > once smb.conf is set up correctly to map all the Domain Controllers
> > and Wins servers, plus of course what comes from broadcast registrations.
> > Actually I think I need something to poll with a settable refresh time.
> > Any ideas ?
> > Will it be in any cases unreliable ?
> > If possible I wouldn't try to patch nmbd, because I want to update it
> > as soon as new releases are coming.
> > 
> > thanks in advance for any help or suggestions.
> I am not at all clear on what you are trying to accomplish here.  You don't
> explain why the gateway needs to know about NBT name registrations, or how
> the gateway will use that information (other than to say that you'll be
> updating iptables).
> At a guess, I don't think that running nmbd will solve your problem unless
> you use nmbd as the WINS server for the network behind your gateway.  If
> nmbd is the WINS server, then you can look at the wins.dat file to see what
> names have been registered.  Otherwise, collecting such a list will be
> difficult.
> Read:  http://ubiqx.org/cifs/NetBIOS.html
> Lots of information on how NBT really works.
> Chris -)-----
> -- 
> "Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
> Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
> jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
> ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
> OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the samba-technical mailing list