Port knock of 445 prevents smbd from starting
Jeremy Allison
jra at samba.org
Wed Jan 15 23:12:45 UTC 2020
On Wed, Jan 15, 2020 at 11:04:25PM +0000, Christopher O Cowan - Christopher.O.Cowan at ibm.com wrote:
> So, the inbound packet is a connection attempt by the LB, no data is being set. It looks like it is only verifying that it completes the 3 way handshake. From my tcpdump traces, I see the SYN -> FIN and then it ends.
>
> It reports a status of NT_STATUS_END_OF_FILE. The smb_len is 5456, as it returns from read_smb_length_return_keepalive. Seems to me this should be 0.
read_fd_with_timeout() should not return with zero bytes
when called from read_smb_length_return_keepalive().
read_smb_length_return_keepalive() ->
status = read_fd_with_timeout(fd, inbuf, 4, 4, timeout, NULL);
where:
NTSTATUS read_fd_with_timeout(int fd, char *buf,
size_t mincnt, size_t maxcnt,
unsigned int time_out,
size_t *size_ret)
mincnt and maxcnt == 4, so it should never be
returning NT_STATUS_OK unless it read at least
mincnt bytes.
Can you instrument read_fd_with_timeout() to
find out what is going on here ?
More information about the samba-technical
mailing list