[Samba] Samba4 and 0.0.0.0:137 and 0.0.0.0:138 opened, why ? How do close it ?

CpServiceSPb . cpservicespb at gmail.com
Sun Jan 11 07:58:10 MST 2015 

I have founded that 0.0.0.0:port could be "closed" by setting up socket
address = wishing IP addresses,
for example socket address = 127.0.0.1 192.168.0.254

2015-01-11 17:46 GMT+03:00 CpServiceSPb . <cpservicespb at gmail.com>:

> Thanks for this answer.
> As I understood, for example if parameter
> bind interfaces only = yes is and
> interfaces = lan0 (192.168.0.254) is
>
> and if broadcast packet goes from 95.95.95.14 such packet will be dropped
> (in other words) ?
> Am I right ?
>
> And other thing.
> Why is 192.168.0.255 (network broadcast) opened for ?
> May be exact such address (network broadcast) is inbtended for receiving
> broadcasts ?
> Within exact subnet but 0.0.0.0 is for all subnets ?
>
> And is it possible to set off 0.0.0.0 via smb.conf ?
>
>
> 2015-01-11 17:24 GMT+03:00 Marc Muehlfeld <mmuehlfeld at samba.org>:
>
>> Hello,
>>
>> Am 11.01.2015 um 14:55 schrieb CpServiceSPb .:
>> > Here are 3 faces at Ubuntu: lo, lan and wan.
>> > There are lines:
>> > bind interfaces only = yes
>> > interfaces = lo lan0
>> > in smb.conf
>> >
>> > But netstat -tulpn shows 0.0.0.0 binded address:
>> > tcp         0      0 192.168.0.254:139         0.0.0.0:*
>> > LISTEN      smbd
>> > udp        0      0 192.168.0.255:137         0.0.0.0:*
>> > nmbd
>> > udp        0      0 192.168.0.254:137         0.0.0.0:*
>> > nmbd
>> > *udp       0      0 0.0.0.0:137 <http://0.0.0.0:137>
>> > 0.0.0.0:*                                  nmbd*
>> > udp        0      0 192.168.0.255:138         0.0.0.0:*
>> > nmbd
>> > udp        0      0 192.168.0.254:138         0.0.0.0:*
>> > nmbd
>> > *udp       0      0 0.0.0.0:138 <http://0.0.0.0:138>
>> > 0.0.0.0:*                                  nmbd*
>> >
>> > I don'n like *udp       0      0 0.0.0.0:port *at all !
>> >
>> > Why is it so ?
>>
>>
>> The smb.conf man page answers this question  ('bind interfaces only'):
>>
>> ... nmbd also binds to the "all addresses" interface (0.0.0.0) on ports
>> 137 and 138 for the purposes of reading broadcast messages. If this
>> option is not set then nmbd will service name requests on all of these
>> sockets. If bind interfaces only is set then nmbd will check the source
>> address of any packets coming in on the broadcast sockets and discard
>> any that don't match the broadcast addresses of the interfaces in the
>> interfaces parameter list. ...
>>
>>
>>
>>
>> Regards,
>> Marc
>>
>
>

More information about the samba mailing list