freebsd stable - Feb 2006 - FreeBSD 6-stable hosts.allow and samba

Hi Guys,
I have been stuffing around for a silly amount of time trying to connect 
to a test samba install on a 6-stable box with from WinXP with no success.

I checked the logs like hell on (enabled all.log) and saw nothing, no 
server rejections nothing. In log.nmbd I did see a bunch of nice 
messages like host resolution and master browser successful elections etc.

After trying just about everything to connect to the Samba I enabled 
"ALL : ALL : allow" in hosts.allow as a last resort and boom there
comes
up my samba server via MS windows.

This is what I had in hosts.allow below.

ALL : localhost 127.0.0.1 : allow
ALL : 192.168.0. : allow
ALL : ALL \
        : severity auth.info \
        : twist /bin/echo "You are not welcome to use %d from %h."

Looking at the example hosts.allow I can see why this would fail as IP 
based address are always fully netmasked unlike my short handed "ALL : 
192.168.0. : allow"

The examples and hostnames like  .evil.cracker.example.com are used 
through me off a bit as I just assumed it would work, and also because 
such terminology is used in the smb.conf

I think its a bit ordinary that nothing comes up in any of the logs in 
/var/log when samba rejects with no warning via tcpwrappers and I 
believe there should be something in hosts.allow to say that something 
like "ALL : 192.168.0. : allow" doesn't work at all such as

# This does not work
# ALL : 192.168.0. : allow

# Use full sub-netting terminology instead
# ALL : 192.168.0.0/255.255.255.0 : allow

I think this is needed as I believe I have been burned by this before 
and I can only assume other people have as well.

Just my thoughts

Mike

Hi,
>>>>> On Tue, 28 Feb 2006 22:07:52 +1100
>>>>> Michael Vince <mv@roq.com> said:
mv> I checked the logs like hell on (enabled all.log) and saw nothing, no 
mv> server rejections nothing. In log.nmbd I did see a bunch of nice 
mv> messages like host resolution and master browser successful elections
etc.

mv> After trying just about everything to connect to the Samba I enabled 
mv> "ALL : ALL : allow" in hosts.allow as a last resort and boom
there comes
mv> up my samba server via MS windows.

mv> This is what I had in hosts.allow below.

mv> ALL : localhost 127.0.0.1 : allow
mv> ALL : 192.168.0. : allow
mv> ALL : ALL \
mv>         : severity auth.info \
mv>         : twist /bin/echo "You are not welcome to use %d from
%h."

It's strange.  I've just tested it on my box but with ftp.  It seems
working fine.

Sincerely,

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/