[Samba] listenning on interfaces
Thomas Werner
werner at esmt.org
Tue Jun 15 14:33:21 GMT 2004
on friday i have to install a 2nd samba server on 1 machine with 2 network
cards. if bind interfaces only is set i think is not a problem to run 2 smbd
daemons. but i red that in man pages that nmbd always listen on 0.0.0.0 and
drops the packets which doesnt match with the addresses af parameter list.
in that case is not possible to run different instances on one machine?!
help!
cheers tom
On 15.06.2004 16:02 Uhr, "Jean LEE" <jean_lee_3 at hotmail.com> wrote:
> Hi,
>
> Thanks for your answer. I'm surprised.
> There's no way in smb.conf to tell : "I don't want that nmbd listens on
> 0.0.0.0/0" ?
>
> Regards,
>
> Jean
>
> ----- Original Message -----
> From: "Thomas Werner" <werner at esmt.org>
> To: "Jean LEE" <jean_lee_3 at hotmail.com>; <samba at lists.samba.org>
> Sent: Tuesday, June 15, 2004 11:00 AM
> Subject: Re: [Samba] listenning on interfaces
>
>
>> maybe iptables? but dont forget to open some ports for the clients:
>>
>> 111.tcp
>> 137.udp
>> 138.udp
>> 139.tcp
>> 22.tcp
>> 2222.udp
>> 445.tcp
>> 631.tcp
>> 67.udp
>> 80.tcp
>> and maybe 88.tcp for ads
>>
>> for example on a share connect. the xp clients look for a webserver on 80
> to
>> show the folder/drive content, the same for port 2222. if you drop the
>> packets, the home drive is slow, because the client timed out and get no
>> answer for special kind of service/feature.
>>
>> cheers tom
>>
>> On 15.06.2004 10:11 Uhr, "Jean LEE" <jean_lee_3 at hotmail.com> wrote:
>>
>>> Hello,
>>>
>>> I am new to samba and i would to well secure it.
>>>
>>> In smb.conf, I entered the following lines :
>>>
>>> hosts allow = 192.168.0.2 127.0.0.1
>>> hosts deny = 0.0.0.0/0
>>> bind interfaces only = yes
>>> interfaces = eth0 lo
>>>
>>> I thought that it would only listens on the local machine and my
> internal Lan
>>> (which is on eth0 192.168.0.1) but nmbd seems to always listen on
> UDP/137 and
>>> UDP/138 (netbios-ns and netbios-dgm) on 0.0.0.0/0. Here is the output of
>>> netstat :
>>>
>>> [root at ServeurLinux user]# netstat -taup
>>> Active Internet connections (servers and established)
>>> Proto Recv-Q Send-Q Local Address Foreign Address
>>> State PID/Program name
>>> tcp 0 0 192.168.0.1:netbios-ssn *:*
>>> LISTEN 3800/smbd
>>> tcp 0 0 ServeurLinu:netbios-ssn *:*
>>> LISTEN 3800/smbd
>>> tcp 0 0 ServeurLinux:ipp *:*
>>> LISTEN 3707/cupsd
>>> tcp 0 0 192.168.0.:microsoft-ds *:*
>>> LISTEN 3800/smbd
>>> tcp 0 0 ServeurLin:microsoft-ds *:*
>>> LISTEN 3800/smbd
>>> udp 0 0 192.168.0.1:netbios-ns *:*
>>> 3804/nmbd
>>> udp 0 0 *:netbios-ns *:*
>>> 3804/nmbd
>>> udp 0 0 192.168.0.1:netbios-dgm *:*
>>> 3804/nmbd
>>> udp 0 0 *:netbios-dgm
> *:*
>>> 3804/nmbd
>>>
>>>
>>> What is netbios-ns and netbios-dgm? I would prefer that nmbd doesn't
> listen on
>>> *:netbios-ns and *:netbios-dgm because I will connect my server to the
>>> internet through eth1 10.0.0.1. How can I do it?
>>>
>>> Thanks for any help.
>>>
>>> Jean Lee.
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: http://lists.samba.org/mailman/listinfo/samba
>>>
>>
>> Dipl. Betriebswirt(BA) f. Inf. Thomas Werner
>> Webmaster / Network Administrator
>> ESMT European School of Management and Technology GmbH
>> Schlossplatz 1
>> D-10178 Berlin
>> Germany
>>
>> Tel: +49 (0)30 21231 - 1085
>> Fax: +49 (0)30 21231 - 9
>> E-mail: werner at esmt.org
>> Web: http://www.esmt.org
>>
>>
>>
>
Dipl. Betriebswirt(BA) f. Inf. Thomas Werner
Webmaster / Network Administrator
ESMT European School of Management and Technology GmbH
Schlossplatz 1
D-10178 Berlin
Germany
Tel: +49 (0)30 21231 - 1085
Fax: +49 (0)30 21231 - 9
E-mail: werner at esmt.org
Web: http://www.esmt.org
More information about the samba
mailing list