hardcoded port 445

Andrew Bartlett abartlet at samba.org
Tue Nov 8 14:36:25 MST 2011

On Mon, 2011-10-31 at 17:17 -0500, Christopher R. Hertel wrote:
> Christopher R. Hertel wrote:
> > Andrew Bartlett wrote:
> >> On Mon, 2011-10-31 at 15:11 -0500, Christopher R. Hertel wrote:
> >>> Oskar Liljeblad wrote:
> >>>> Hi!
> >>>>
> >>>> I will be using Samba4 to operate in client mode.  The tunneling is simple,
> >>>> set up with ssh.  E.g.:
> >>> Samba is not a client, it is a server.  The Samba project provides a client
> >>> library called libsmbclient.  Is that what you what you will be using?
> >> Chris,
> >>
> >> Oskar is using the Samba4 DCE/RPC client library (as used by
> >> OpenChange).
> > 
> > Cool.  That's the piece of information I was missing.  Thanks!
> > 
> > Looking at the code snippets that Oskar sent in his original message, in
> > both cases the code uses the remote port number to decide whether or not to
> > send an NBT Session Request message.
> > 
> > That is, in fact, the correct approach.  If the remote port is 445, then it
> > is reasonable to assume that NBT transport is NOT in use.  If the port is
> > 139, then it would be reasonable to assume that NBT transport IS in use.
> > For any other port number you have to guess, and sending the NBT Session
> > Request is as good a guess as any.
> > 
> > Samba servers do not care whether or not they receive the NBT Session
> > Request, no matter what port it is using.  Windows is more picky.
> > 
> > According to my book (http://ubiqx.org/cifs/SMB.html#SMB.3.3.1 ... now
> > somewhat out of date), if you try naked transport first and the Windows
> > server expects NBT transport it will return a Negative Session Response.
> > That is typically quick to handle.
> > 
> > Unfortunately, if you send an NBT Session Request to a Windows server that
> > is expecting Naked TCP transport, it will send no reply at all (tested
> > against W2K, see http://ubiqx.org/cifs/SMB.html#SMB.3.3.2, last paragraph).
> > 
> > So...  Once again, I agree with the logic in the code segment that Oskar
> > originally sent, as long as the code checks for a Negative Session Response
> > and tries again.
> Ooops.  Switch that around.  The best way to go is to try naked transport
> first since that will work immediately whether or not is expecting naked
> transport.
> If you try NBT transport first (which is the default in the code Oskar
> presented), and the server port is expecting naked transport, then you will
> have to time out before you can try again.


I'm having terrible trouble keeping on top of all the things I've got
outstanding, as well as trying to get some time away from intensive
Samba development.  Could you have a go at trying to code this up for


Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba-technical mailing list