[Samba] listenning on interfaces

Jean LEE jean_lee_3 at hotmail.com
Tue Jun 15 16:59:27 GMT 2004 

I think you just have to put in smb.conf something like

bind interfaces only = yes
interfaces = eth0 eth1 lo

No ??


----- Original Message ----- 
From: "Thomas Werner" <werner at esmt.org>
To: "Jean LEE" <jean_lee_3 at hotmail.com>; <samba at lists.samba.org>
Sent: Tuesday, June 15, 2004 4:33 PM
Subject: Re: [Samba] listenning on interfaces


> on friday i have to install a 2nd samba server on 1 machine with 2 network
> cards. if bind interfaces only is set i think is not a problem to run 2
smbd
> daemons. but i red that in man pages that nmbd always listen on 0.0.0.0
and
> drops the packets which doesnt match with the addresses af parameter list.
> in that case is not possible to run different instances on one machine?!
>
> help!
>
> cheers tom
>
>
> On 15.06.2004 16:02 Uhr, "Jean LEE" <jean_lee_3 at hotmail.com> wrote:
>
> > Hi,
> >
> > Thanks for your answer. I'm surprised.
> > There's no way in smb.conf to tell : "I don't want that nmbd listens on
> > 0.0.0.0/0" ?
> >
> > Regards,
> >
> > Jean
> >
> > ----- Original Message -----
> > From: "Thomas Werner" <werner at esmt.org>
> > To: "Jean LEE" <jean_lee_3 at hotmail.com>; <samba at lists.samba.org>
> > Sent: Tuesday, June 15, 2004 11:00 AM
> > Subject: Re: [Samba] listenning on interfaces
> >
> >
> >> maybe iptables? but dont forget to open some ports for the clients:
> >>
> >> 111.tcp
> >> 137.udp
> >> 138.udp
> >> 139.tcp
> >> 22.tcp
> >> 2222.udp
> >> 445.tcp
> >> 631.tcp
> >> 67.udp
> >> 80.tcp
> >> and maybe 88.tcp for ads
> >>
> >> for example on a share connect. the xp clients look for a webserver on
80
> > to
> >> show the folder/drive content, the same for port 2222. if you drop the
> >> packets, the home drive is slow, because the client timed out and get
no
> >> answer for special kind of service/feature.
> >>
> >> cheers tom
> >>
> >> On 15.06.2004 10:11 Uhr, "Jean LEE" <jean_lee_3 at hotmail.com> wrote:
> >>
> >>> Hello,
> >>>
> >>> I am new to samba and i would to well secure it.
> >>>
> >>> In smb.conf, I entered the following lines :
> >>>
> >>> hosts allow = 192.168.0.2 127.0.0.1
> >>> hosts deny = 0.0.0.0/0
> >>> bind interfaces only = yes
> >>> interfaces = eth0 lo
> >>>
> >>> I thought that it would only listens on the local machine and my
> > internal Lan
> >>> (which is on eth0 192.168.0.1) but nmbd seems to always listen on
> > UDP/137 and
> >>> UDP/138 (netbios-ns and netbios-dgm) on 0.0.0.0/0. Here is the output
of
> >>> netstat :
> >>>
> >>> [root at ServeurLinux user]# netstat -taup
> >>> Active Internet connections (servers and established)
> >>> Proto Recv-Q Send-Q Local Address                     Foreign Address
> >>> State     PID/Program name
> >>> tcp     0             0         192.168.0.1:netbios-ssn         *:*
> >>> LISTEN     3800/smbd
> >>> tcp     0             0         ServeurLinu:netbios-ssn         *:*
> >>> LISTEN     3800/smbd
> >>> tcp     0             0        ServeurLinux:ipp                    *:*
> >>> LISTEN     3707/cupsd
> >>> tcp     0             0         192.168.0.:microsoft-ds         *:*
> >>> LISTEN     3800/smbd
> >>> tcp     0             0         ServeurLin:microsoft-ds         *:*
> >>> LISTEN     3800/smbd
> >>> udp     0             0        192.168.0.1:netbios-ns         *:*
> >>> 3804/nmbd
> >>> udp     0             0        *:netbios-ns
*:*
> >>> 3804/nmbd
> >>> udp     0             0         192.168.0.1:netbios-dgm     *:*
> >>> 3804/nmbd
> >>> udp     0             0         *:netbios-dgm
> > *:*
> >>> 3804/nmbd
> >>>
> >>>
> >>> What is netbios-ns and netbios-dgm? I would prefer that nmbd doesn't
> > listen on
> >>> *:netbios-ns and *:netbios-dgm because I will connect my server to the
> >>> internet through eth1 10.0.0.1. How can I do it?
> >>>
> >>> Thanks for any help.
> >>>
> >>> Jean Lee.
> >>> --
> >>> To unsubscribe from this list go to the following URL and read the
> >>> instructions:  http://lists.samba.org/mailman/listinfo/samba
> >>>
> >>
> >> Dipl. Betriebswirt(BA) f. Inf. Thomas Werner
> >> Webmaster / Network Administrator
> >> ESMT European School of Management and Technology GmbH
> >> Schlossplatz 1
> >> D-10178 Berlin
> >> Germany
> >>
> >> Tel: +49 (0)30 21231 - 1085
> >> Fax: +49 (0)30 21231 - 9
> >> E-mail: werner at esmt.org
> >> Web: http://www.esmt.org
> >>
> >>
> >>
> >
>
> Dipl. Betriebswirt(BA) f. Inf. Thomas Werner
> Webmaster / Network Administrator
> ESMT European School of Management and Technology GmbH
> Schlossplatz 1
> D-10178 Berlin
> Germany
>
> Tel: +49 (0)30 21231 - 1085
> Fax: +49 (0)30 21231 - 9
> E-mail: werner at esmt.org
> Web: http://www.esmt.org
>
>
>

More information about the samba mailing list