libsmbclient: Vista servers disconnect on netbios keepalive message on port 445

Christopher R. Hertel crh at ubiqx.mn.org
Wed Dec 27 17:56:11 GMT 2006


derrell at samba.org wrote:
> "Christopher R. Hertel" <crh at ubiqx.mn.org> writes:
> 
>> It's a minor point, but I'll mention again that the port number alone may
>> not be enough to properly determine whether NBT or naked TCP transport is
>> being used.
> 
> Actually, in this case, I think it probably is.  This is libsmbclient and we
> are issuing the requests on either port 139 or port 445.  We know which port
> we've used and we used it intentionally.  In this case, if the destination has
> played games with port-mapping, they can't expect it to work.  An old Windows
> client would use port 139, knowing nothing about port 445, and would exhibit
> exactly the same behavior when it sent keep-alive requests.
> 
> Or am I missing something?

You're not missing anything.  It is a minor point, but I had to study it a
while back because I caught a bit of heck when I was first working on the
SMB URI docs.

That's why SMB URI scheme supports the :port syntax, as in:

  smb://user@server:port/share/path/file.ext
                   ^^^^^

The gotcha is a non-standard port.  If the <port> field isn't 139 or 445
then you don't know which transport is in use until you do a little testing.
 The tests are fairly easy, though, and don't take much time.  You'd only
have to keep a flag on the session to indicate which transport is in use.

Also, as someone else pointed out, it's not clear that an NBT keepalive is
really needed even when using NBT transport.

Thing is, libsmbclient is supposed to support the SMB URI, so that :port
syntax should be available to the end user.  Mapping ports through a
firewall is fairly common practice.

By the way, there is a keepalive parameter in smb.conf.  I don't know
whether libsmbclient reads that value or not, and the docs don't say what
value means "turn this off", but I would assume that zero would do the job.

In my book I wrote that it was evil to use naked transport on port 139 or
NBT transport on port 445.  It has occurred to me since that there is a
(quirky) reason someone might need to do this.  If the firewall
administrator is a BOFH, and [s]he has opened only one of those ports (139
or 445), you might need to use the "wrong" port for the "wrong" transport.
That's a corner case, of course, but that's what I'm good at.  ;)

Chris -)-----

--
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org


More information about the samba-technical mailing list