[Samba] Block samba hosts by domain

Erick Ocrospoma zipper1790 at gmail.com
Thu Nov 10 20:58:33 UTC 2016 

On 10 November 2016 at 15:37, Linda W <samba at tlinx.org> wrote:

> Erick Ocrospoma via samba wrote:
>
>> On 10 November 2016 at 07:51, Vinicius Bones Silva via samba <
>> samba at lists.samba.org> wrote:
>>
>>
>>
>>> PROBABLY its a problem with your reverse dns resolution.
>>>
>>>
>> ​Hi,
>>
>> DNS resolution seems to work fine.​
>>
>>
> ----
>    Vinicius didn't ask about DNS resolution, exactly,  but
> *reverse* DNS resolution -- i.e. looking up a name from an address.
>
>    At best, nslookup is the wrong tool:
>
>> [root at server0 ~]# nslookup 172.25.0.100
>> Server:         172.25.0.254
>> Address:        172.25.0.254#53
>
>
>>
> ---
>    as the above shows: not only does nslookup on the ip not
> return the name, but it returns the IP for a different machine!
>

​That's the DNS server IP.
​


>
>    If you have 'dig', the "-x" option should do the trick.
>
>  dig -x 172.25.0.100
>

​
[root at server
​0​
~]# dig -x 172.25.0.10
​0​

; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> -x 172.25.0.10
​0​
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57067
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;
​​
10
​0​
.0.25.172.in-addr.arpa.      IN      PTR

;; ANSWER SECTION:
10
​0​
.0.25.172.in-addr.arpa. 86400 IN      PTR     desktop.example.com.

;; AUTHORITY SECTION:
25.172.in-addr.arpa.    86400   IN      NS      classroom.example.com.

;; ADDITIONAL SECTION:
classroom.example.com.  86400   IN      A       172.25.254.254

;; Query time: 0 msec
;; SERVER: 172.25.0.254#53(172.25.0.254)
;; WHEN: Thu Nov 10 15:48:12 EST 2016
;; MSG SIZE  rcvd: 127

​


>
> If you want to not take a cached answer (as the dig, above does),
> you can specify a server or trace from the root:
>
>  dig @dns-server1 -x IPaddr
>  dig @dns-server2 -x IPaddr
>
> or tracing:
>
>  dig +trace -x IPaddr
>
>
> Cheers,
> -l
>
>
>
>


-- 


Erick.


-------------------------------------------
IRC     :   zerick
Blog    : http://zerick.me
About :  http://about.me/zerick
Linux User ID :  549567

More information about the samba mailing list