Port knock of 445 prevents smbd from starting

Jeremy Allison jra at samba.org
Wed Jan 15 23:12:45 UTC 2020


On Wed, Jan 15, 2020 at 11:04:25PM +0000, Christopher O Cowan - Christopher.O.Cowan at ibm.com wrote:
> So, the inbound packet is a connection attempt by the LB, no data is being set.  It looks like it is only verifying that it completes the 3 way handshake.    From my tcpdump traces, I see the SYN -> FIN and then it ends.
> 
> It reports a status of NT_STATUS_END_OF_FILE.    The smb_len is 5456, as it returns from read_smb_length_return_keepalive.  Seems to me this should be 0. 

read_fd_with_timeout() should not return with zero bytes
when called from read_smb_length_return_keepalive().

read_smb_length_return_keepalive() ->

	status = read_fd_with_timeout(fd, inbuf, 4, 4, timeout, NULL);

where:

NTSTATUS read_fd_with_timeout(int fd, char *buf,
                                  size_t mincnt, size_t maxcnt,
                                  unsigned int time_out,
                                  size_t *size_ret)

mincnt and maxcnt == 4, so it should never be
returning NT_STATUS_OK unless it read at least
mincnt bytes.

Can you instrument read_fd_with_timeout() to
find out what is going on here ?



More information about the samba-technical mailing list