Port knock of 445 prevents smbd from starting

Christopher O Cowan - Christopher.O.Cowan@ibm.com Christopher.O.Cowan at ibm.com
Wed Jan 15 23:04:25 UTC 2020

So, the inbound packet is a connection attempt by the LB, no data is being set.  It looks like it is only verifying that it completes the 3 way handshake.    From my tcpdump traces, I see the SYN -> FIN and then it ends.

It reports a status of NT_STATUS_END_OF_FILE.    The smb_len is 5456, as it returns from read_smb_length_return_keepalive.  Seems to me this should be 0. 

Not seeing it go through receive_smb_raw_talloc_partial_read() or read_packet_remainder().   Wondering whether this is another instance of it reentrant call losing track of the messages,  in the queue?  AIX uses a lot more things from the replace libraries than Linux.

I can recreate this easily doing a "smbd -d10 -I".    But, not seeing the same thing in log.smbd if I run it "smbd -D" today.    Could have sworn both invocations were failing the same way, yesterday.

I'll be looking at it some more later tonight.  
Are people still using the IRC channel?


On 1/14/20, 4:41 PM, "Jeremy Allison" <jra at samba.org> wrote:

    On Tue, Jan 14, 2020 at 10:13:28PM +0000, Christopher O Cowan - Christopher.O.Cowan at ibm.com wrote:
    > Sorry, that's my commit of Amitay's patch.
    > Here's the compile I did:
    > So it should say de768710e16
    Yeah, I think you need to add more debugs to find out the
    exact length being returned by read_smb_length_return_keepalive()
    and what timeout is being used in receive_smb_raw_talloc_partial_read()
    or read_packet_remainder() to debug this properly.

More information about the samba-technical mailing list