[Samba] NT_STATUS_IO_TIMEOUT at open_socket_out_send due to firewall
Jason Waters
jason at geeknocity.com
Thu Jun 23 19:50:53 UTC 2016
True, but would be interesting enough to test. You could edit the startup
script(winbind) to run the iptables command before it starts, and then
remove it after it is started?
On Thu, Jun 23, 2016 at 3:46 PM, Mike Ely <me at mikeely.org> wrote:
> On 06/23/2016 12:43 PM, Jason Waters wrote:
>
>> Have you tried using IPTABLES to REJECT that port. It will send something
>> back and then maybe the timeout will fail immediately instead of waiting
>> the timeout period? So on the local machine(that is running winbind) try
>>
>> iptables -A OUTPUT -p tcp --dport 49155 -j REJECT
>> iptables -A INPUT -p tcp --dport 49155 -j REJECT
>>
>> Might not need it in both, but since we are checking...
>>
>> Good idea. The only problem is that port 49155 is one of those RPC
> highports, so there's no guarantee that specific port will always be used,
> and I wouldn't necessarily want to add an OUTPUT filter against all
> highports.
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list