[Samba] Samba4 and 0.0.0.0:137 and 0.0.0.0:138 opened, why ? How do close it ?
rowlandpenny at googlemail.com
Sun Jan 11 08:52:14 MST 2015
On 11/01/15 14:58, CpServiceSPb . wrote:
> I have founded that 0.0.0.0:port could be "closed" by setting up socket
> address = wishing IP addresses,
> for example socket address = 127.0.0.1 192.168.0.254
> 2015-01-11 17:46 GMT+03:00 CpServiceSPb . <cpservicespb at gmail.com>:
>> Thanks for this answer.
>> As I understood, for example if parameter
>> bind interfaces only = yes is and
>> interfaces = lan0 (192.168.0.254) is
>> and if broadcast packet goes from 22.214.171.124 such packet will be dropped
>> (in other words) ?
>> Am I right ?
>> And other thing.
>> Why is 192.168.0.255 (network broadcast) opened for ?
>> May be exact such address (network broadcast) is inbtended for receiving
>> broadcasts ?
>> Within exact subnet but 0.0.0.0 is for all subnets ?
>> And is it possible to set off 0.0.0.0 via smb.conf ?
>> 2015-01-11 17:24 GMT+03:00 Marc Muehlfeld <mmuehlfeld at samba.org>:
>>> Am 11.01.2015 um 14:55 schrieb CpServiceSPb .:
>>>> Here are 3 faces at Ubuntu: lo, lan and wan.
>>>> There are lines:
>>>> bind interfaces only = yes
>>>> interfaces = lo lan0
>>>> in smb.conf
>>>> But netstat -tulpn shows 0.0.0.0 binded address:
>>>> tcp 0 0 192.168.0.254:139 0.0.0.0:*
>>>> LISTEN smbd
>>>> udp 0 0 192.168.0.255:137 0.0.0.0:*
>>>> udp 0 0 192.168.0.254:137 0.0.0.0:*
>>>> *udp 0 0 0.0.0.0:137 <http://0.0.0.0:137>
>>>> 0.0.0.0:* nmbd*
>>>> udp 0 0 192.168.0.255:138 0.0.0.0:*
>>>> udp 0 0 192.168.0.254:138 0.0.0.0:*
>>>> *udp 0 0 0.0.0.0:138 <http://0.0.0.0:138>
>>>> 0.0.0.0:* nmbd*
>>>> I don'n like *udp 0 0 0.0.0.0:port *at all !
>>>> Why is it so ?
>>> The smb.conf man page answers this question ('bind interfaces only'):
>>> ... nmbd also binds to the "all addresses" interface (0.0.0.0) on ports
>>> 137 and 138 for the purposes of reading broadcast messages. If this
>>> option is not set then nmbd will service name requests on all of these
>>> sockets. If bind interfaces only is set then nmbd will check the source
>>> address of any packets coming in on the broadcast sockets and discard
>>> any that don't match the broadcast addresses of the interfaces in the
>>> interfaces parameter list. ...
I am a bit confused here, you have set samba to only listen on the lo
and lan0 interfaces and these have the ipaddresses of 127.0.0.1 &
192.168.0.254. You do not like nmbd listening on 0.0.0.0 so you have
turned it off, you do know that in this context, 0.0.0.0 means listen on
all ip addresses on the machine that samba is set to use. So what you
are really saying is ' I do not like nmbd listening on all this machines
samba ip-addresses, so I will stop them listening on all these
ip-addresses and only let them listen on 127.0.0.1 & 192.168.0.254,
which are the only ipaddresses that samba will listen on anyway.
More information about the samba