[Wylug-help] LAN/samba problems

Anne Wilson cannewilson at googlemail.com
Sat Feb 9 10:36:31 GMT 2008 

On Friday 08 February 2008 22:16, you wrote:
> Anne,
>
> Your initial mail indicated that nmbd had been blown away without removing
> its pid file (on the server).  You will find a log.nmbd (and log.smbd)
> on the server (usually in /usr/local/samba/var).  Its just possible that
> log.nmbd might be of help to determine the cause.
>
[2008/02/08 15:13:29, 0] nmbd/nmbd.c:reload_interfaces(229)
  reload_interfaces: No subnets to listen to. Shutting down...

smbd.log shows only the last successful connection:

[2008/02/08 14:48:31, 1] smbd/service.c:make_connection_snum(1033)
  anne-wireless (192.168.0.95) signed connect to service ANNE initially as 
user anne (uid=500, gid=100) (pid 26242)
[2008/02/08 14:52:06, 1] smbd/service.c:close_cnum(1230)
  anne-wireless (192.168.0.95) closed connection to service ANNE

> You should be able to use swat to start nmbd (it will also show you the
> connections etc.).
>
iptables configuration is new to me, and I'm struggling with the man pages.  
As usual they are full of info for the initiated, but incomprehensible to a 
beginner :-)  Could you please give me a line for port 901?

> You need nmbd running to handle NetBIOS over IP requests.
>
I do not understand why it shut down.  Yes, at that time there was, briefly, 
nothing connected, but a server that shuts down instead of waiting for 
connection doesn't seem to be much good.

> >Nothing after that.  I guess that I had an existing set of mounts when
> > the= =20
> >firewall was activated, but it wouldn't allow a new connection.  Does
> > that= =20
> >sound right?  If so, I've got iptables problems.
>
> Indeed any firwall between you and your server will need to pass ports
>
> netbios-ns      137/tcp                         # NETBIOS Name Service
> netbios-ns      137/udp
> netbios-dgm     138/tcp                         # NETBIOS Datagram Service
> netbios-dgm     138/udp
> netbios-ssn     139/tcp                         # NETBIOS session service
> netbios-ssn     139/udp
>
> and
>
> swat            901/tcp                         # Samba Web Administration
> Tool
>
The original iptables text set up by system-config-securitylevels had the 
following lines:

-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 137 -j 
ACCEPT 
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 138 -j 
ACCEPT 
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 139 -j 
ACCEPT 

I replaced them with the following, as recommended on the CentOS list:

-A RH-Firewall-1-INPUT -p udp -m udp -s 192.168.0.0/24 --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp -s 192.168.0.0/24 --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 
192.168.0.0/24 --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 
192.168.0.0/24 --dport 445 -j ACCEPT

When trying to iptables-restore I got

iptables-restore v1.3.5: Unknown arg `-s'

As you see, I'm trying, but I'm floundering :-)

Anne

More information about the Wylug-help mailing list