Samba not responding to broadcast calls from networked
PCs.
Short: My Redhat Linux 8.0 box is not replying to udp
broadcasts, and I can't figure out why.
Network:
The offending Redhat 8.0 Linux Box (//DS) attempting
to run Samba 2.2.7
Firewall Redhat 7.3 (//IW) successfully running Samba
2.2.4
Win98 (//MS)
Win2k (//SL) <Not running at the time of these tests>
Very long:
I've read through the docs, the mans, the FAQs and
relevant responses to samba questions I can find. I
have read a lot of The Samba Black Book (which seems
sadly quite outdated these days). I'm stumped! I have
a hunch the problem is some sort of security access
issue with RedHat 8.0, but I can't find any
documentation that refers to such a thing, let alone
how to resolve it. I have spent a good deal of time
trying to hunt the problem down on my own, or through
the trouble-shooting guides, but I seem to have a
problem that none of them address. Hopefully one of
the guru's here will know what to make of this. I'm
fairly sure it's just a configuration issue, but I
just can't seem to figure it out from the doc. I've
tried lots and lots of smb.conf settings, but none of
them seem to result in a working configuration.
Thank you, Stephen
SWAT Note:
When I try http://DS:901 the browser tries to find
www.DS.com:901.
When I try http://192.168.10.68:901/ I get an error:
Document contains no data.
When I try http://localhost:901/ I get taken into
SWAT.
# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.10.68 DS
192.168.10.1 IW
192.168.10.65 MS
Test 1:
================================================================Testparm
smb.conf shows no errors
Test 2:
================================================================Everyone pings
everyone else with no trouble.
Test 3:
================================================================from //DS
# smbclient -L DS -N
added interface ip=192.168.10.68 bcast=192.168.10.255
nmask=255.255.255.0
Anonymous login successful
Domain=[MYNET] OS=[Unix] Server=[Samba 2.2.7]
Sharename Type Comment
--------- ---- -------
homes Disk
public Disk
IPC$ IPC IPC Service (Samba
2.2.7)
ADMIN$ Disk IPC Service (Samba
2.2.7)
Server Comment
--------- -------
DS Samba 2.2.7
Workgroup Master
--------- -------
MYNET
from //IW
# smbclient -L DS -N
added interface ip=127.0.0.1 bcast=127.255.255.255
nmask=255.0.0.0
added interface ip=192.168.10.1 bcast=192.168.10.255
nmask=255.255.255.0
Connection to DS failed
+++++++++++++++++++++++++++++++++++++
from //DS
# echo 'hello' | telnet DS 139
Trying 192.168.10.68...
Connected to DS
Escape character is '^]'.
Connection closed by foreign host.
>From //IW
# echo 'hello' | telnet DS 139
Trying 192.168.10.68...
Telnet: Connection to address 192.168.10.68:
Connection refused.
+++++++++++++++++++++++++++++++++++++
Here's the result of netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign
Address State
tcp 0 0 *:32768 *:*
LISTEN
tcp 0 0 *:swat *:*
LISTEN
tcp 0 0 *:9098 *:*
LISTEN
tcp 0 0 *:netbios-ssn *:*
LISTEN
tcp 0 0 *:sunrpc *:*
LISTEN
tcp 0 0 *:x11 *:*
LISTEN
tcp 0 0 *:ssh *:*
LISTEN
tcp 0 0 localhost.localdom:smtp *:*
LISTEN
tcp 0 0 localhost.localdo:32959 *:*
LISTEN
udp 0 0 *:32768 *:*
udp 0 0 demonseed:netbios-ns *:*
udp 0 0 *:netbios-ns *:*
udp 0 0 demonseed:netbios-dgm *:*
udp 0 0 *:netbios-dgm *:*
udp 0 0 *:bootpc *:*
udp 0 0 *:sunrpc *:*
+++++++++++++++++++++++++++++++++++++
# PS -aux [edited]
USER PID %CPU %MEM VSZ RSS TTY STAT
START TIME COMMAND
root 1773 0.0 0.6 4932 1780 ? S
14:40 0:00 smbd -D
root 1777 0.0 0.6 3780 1548 ? S
14:40 0:00 nmbd -D
+++++++++++++++++++++++++++++++++++++
# tcpdump port 139
15:36:50.828305 MS.netbios-ns >
192.168.10.255.netbios-ns: NBT UDP PACKET(137):
QUERY; REQUEST; BROADCAST
15:36:51.578282 MS.netbios-ns >
192.168.10.255.netbios-ns: NBT UDP PACKET(137):
REGISTRATION; REQUEST; BROADCAST
15:36:52.328277 MS.netbios-ns >
192.168.10.255.netbios-ns: NBT UDP PACKET(137):
REGISTRATION; REQUEST; BROADCAST
[NOTE: //DS never replies]
+++++++++++++++++++++++++++++++++++++
# cat hosts.allow
ALL : ALL
+++++++++++++++++++++++++++++++++++++
# ifconfig
eth0 Link encap:Ethernet HWaddr
00:C0:F0:47:C8:67
inet addr:192.168.10.68
Bcast:192.168.10.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500
Metric:1
RX packets:3170 errors:0 dropped:0
overruns:0 frame:0
TX packets:2271 errors:0 dropped:0
overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2497315 (2.3 Mb) TX bytes:291114
(284.2 Kb)
Interrupt:10 Base address:0xff00
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1403 errors:0 dropped:0
overruns:0 frame:0
TX packets:1403 errors:0 dropped:0
overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:603803 (589.6 Kb) TX bytes:603803
(589.6 Kb)
+++++++++++++++++++++++++++++++++++++
# cat /etc/samba/smb.conf
# Samba config file created using SWAT
# from localhost.localdomain (127.0.0.1)
# Date: 2003/02/10 13:23:25
# Global parameters
[global]
workgroup = SADNET
; interfaces = eth0 192.168.10.0
; Tried with these in, and out to no avail
; remote announce = 192.168.10.255
; remote browse sync = 192.168.10.255
[homes]
path = /home/%u
read only = No
[public]
path = /home/CommonShare
valid users = +users, root
read only = No
guest ok = Yes
+++++++++++++++++++++++++++++++++++++
# cat /etc/xinetd.d/netbios-ssn
service netbios-ssn
{
socket_type = stream
protocol = tcp
wait = no
user = root
server = smbd
disable = no
}
+++++++++++++++++++++++++++++++++++++
# cat /etc/xinetd.d/netbios-ns
service netbios-ns
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = nmbd
disable = no
}
Test 4:
================================================================from //DS
# nmblookup -B DS __SAMBA__
querying __SAMBA__ on 192.168.10.68
192.168.10.68 __SAMBA__<00>
from //IW
# nmblookup -B DS __SAMBA__
querying __SAMBA__ on 192.168.10.68
name_query failed to find name __SAMBA__<00>
Test 5:
================================================================from //DS
# nmblookup -B MS '*'
querying * on 192.168.10.65
192.168.10.65 *<00>
from //IW
# nmblookup -B MS '*'
querying * on 0.0.0.0
192.168.10.1 *<00>
Test 6:
================================================================from //DS
# nmblookup -d 2 '*'
added interface ip=192.168.10.68 bcast=192.168.10.255
nmask=255.255.255.0
querying * on 192.168.10.255
Got a positive name query response from 192.168.10.65
( 192.168.10.65 )
Got a positive name query response from 192.168.10.1 (
192.168.10.1 )
192.168.10.65 *<00>
192.168.10.1 *<00>
from //IW
added interface ip=127.0.0.1 bcast=127.255.255.255
nmask=255.0.0.0
added interface ip=192.168.10.1 bcast=192.168.10.255
nmask=255.255.255.0
querying * on 127.0.0.255
Got a positive name query response from 127.0.0.1 (
192.168.10.1 )
192.168.10.1 *<00>
Test 7:
================================================================from //DS
# smbclient //DS/public -U root
Connection made.
from //IW
# smbclient //DS/public -U root
added interface ip=127.0.0.1 bcast=127.255.255.255
nmask=255.0.0.0
added interface ip=192.168.10.1 bcast=192.168.10.255
nmask=255.255.255.0
Connection to DS failed.
Tests 8 - 11
================================================================fail.
__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com
Have you looked at the Redhat firewall? Have you looked into xinetd? Have you run nmap or other such program against the RH server? Are you sure the nmbd and smbd daemons are running? What does: netstat -apn | egrep "13[789] " show? Joel On Tue, Feb 11, 2003 at 01:46:18PM -0800, stephen dee wrote:> Samba not responding to broadcast calls from networked > PCs. > > Short: My Redhat Linux 8.0 box is not replying to udp > broadcasts, and I can't figure out why. > > Network: > The offending Redhat 8.0 Linux Box (//DS) attempting > to run Samba 2.2.7 > Firewall Redhat 7.3 (//IW) successfully running Samba > 2.2.4 > Win98 (//MS) > Win2k (//SL) <Not running at the time of these tests> > > Very long: > I've read through the docs, the mans, the FAQs and > relevant responses to samba questions I can find. I > have read a lot of The Samba Black Book (which seems > sadly quite outdated these days). I'm stumped! I have > a hunch the problem is some sort of security access > issue with RedHat 8.0, but I can't find any > documentation that refers to such a thing, let alone > how to resolve it. I have spent a good deal of time > trying to hunt the problem down on my own, or through > the trouble-shooting guides, but I seem to have a > problem that none of them address. Hopefully one of > the guru's here will know what to make of this. I'm > fairly sure it's just a configuration issue, but I > just can't seem to figure it out from the doc. I've > tried lots and lots of smb.conf settings, but none of > them seem to result in a working configuration. > > Thank you, Stephen > > SWAT Note: > When I try http://DS:901 the browser tries to find > www.DS.com:901. > When I try http://192.168.10.68:901/ I get an error: > Document contains no data. > When I try http://localhost:901/ I get taken into > SWAT. > > # cat /etc/hosts > 127.0.0.1 localhost.localdomain localhost > 192.168.10.68 DS > 192.168.10.1 IW > 192.168.10.65 MS > > Test 1: > ================================================================> Testparm smb.conf shows no errors > > Test 2: > ================================================================> Everyone pings everyone else with no trouble. > > Test 3: > ================================================================> from //DS > # smbclient -L DS -N > added interface ip=192.168.10.68 bcast=192.168.10.255 > nmask=255.255.255.0 > Anonymous login successful > Domain=[MYNET] OS=[Unix] Server=[Samba 2.2.7] > > Sharename Type Comment > --------- ---- ------- > homes Disk > public Disk > IPC$ IPC IPC Service (Samba > 2.2.7) > ADMIN$ Disk IPC Service (Samba > 2.2.7) > > Server Comment > --------- ------- > DS Samba 2.2.7 > > Workgroup Master > --------- ------- > MYNET > > from //IW > # smbclient -L DS -N > added interface ip=127.0.0.1 bcast=127.255.255.255 > nmask=255.0.0.0 > added interface ip=192.168.10.1 bcast=192.168.10.255 > nmask=255.255.255.0 > Connection to DS failed > > +++++++++++++++++++++++++++++++++++++ > from //DS > # echo 'hello' | telnet DS 139 > Trying 192.168.10.68... > Connected to DS > Escape character is '^]'. > Connection closed by foreign host. > > >From //IW > # echo 'hello' | telnet DS 139 > Trying 192.168.10.68... > Telnet: Connection to address 192.168.10.68: > Connection refused. > > +++++++++++++++++++++++++++++++++++++ > Here's the result of netstat -a > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address Foreign > Address State > tcp 0 0 *:32768 *:* > LISTEN > tcp 0 0 *:swat *:* > LISTEN > tcp 0 0 *:9098 *:* > LISTEN > tcp 0 0 *:netbios-ssn *:* > LISTEN > tcp 0 0 *:sunrpc *:* > LISTEN > tcp 0 0 *:x11 *:* > LISTEN > tcp 0 0 *:ssh *:* > LISTEN > tcp 0 0 localhost.localdom:smtp *:* > LISTEN > tcp 0 0 localhost.localdo:32959 *:* > LISTEN > udp 0 0 *:32768 *:* > udp 0 0 demonseed:netbios-ns *:* > udp 0 0 *:netbios-ns *:* > udp 0 0 demonseed:netbios-dgm *:* > udp 0 0 *:netbios-dgm *:* > udp 0 0 *:bootpc *:* > udp 0 0 *:sunrpc *:* > > +++++++++++++++++++++++++++++++++++++ > # PS -aux [edited] > USER PID %CPU %MEM VSZ RSS TTY STAT > START TIME COMMAND > root 1773 0.0 0.6 4932 1780 ? S > 14:40 0:00 smbd -D > root 1777 0.0 0.6 3780 1548 ? S > 14:40 0:00 nmbd -D > > +++++++++++++++++++++++++++++++++++++ > # tcpdump port 139 > 15:36:50.828305 MS.netbios-ns > > 192.168.10.255.netbios-ns: NBT UDP PACKET(137): > QUERY; REQUEST; BROADCAST > 15:36:51.578282 MS.netbios-ns > > 192.168.10.255.netbios-ns: NBT UDP PACKET(137): > REGISTRATION; REQUEST; BROADCAST > 15:36:52.328277 MS.netbios-ns > > 192.168.10.255.netbios-ns: NBT UDP PACKET(137): > REGISTRATION; REQUEST; BROADCAST > > [NOTE: //DS never replies] > > +++++++++++++++++++++++++++++++++++++ > # cat hosts.allow > ALL : ALL > > +++++++++++++++++++++++++++++++++++++ > # ifconfig > eth0 Link encap:Ethernet HWaddr > 00:C0:F0:47:C8:67 > inet addr:192.168.10.68 > Bcast:192.168.10.255 Mask:255.255.255.0 > UP BROADCAST RUNNING MULTICAST MTU:1500 > Metric:1 > RX packets:3170 errors:0 dropped:0 > overruns:0 frame:0 > TX packets:2271 errors:0 dropped:0 > overruns:0 carrier:0 > collisions:0 txqueuelen:100 > RX bytes:2497315 (2.3 Mb) TX bytes:291114 > (284.2 Kb) > Interrupt:10 Base address:0xff00 > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:1403 errors:0 dropped:0 > overruns:0 frame:0 > TX packets:1403 errors:0 dropped:0 > overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:603803 (589.6 Kb) TX bytes:603803 > (589.6 Kb) > > > +++++++++++++++++++++++++++++++++++++ > # cat /etc/samba/smb.conf > > # Samba config file created using SWAT > # from localhost.localdomain (127.0.0.1) > # Date: 2003/02/10 13:23:25 > # Global parameters > [global] > workgroup = SADNET > > ; interfaces = eth0 192.168.10.0 > ; Tried with these in, and out to no avail > ; remote announce = 192.168.10.255 > ; remote browse sync = 192.168.10.255 > > [homes] > path = /home/%u > read only = No > > [public] > path = /home/CommonShare > valid users = +users, root > read only = No > guest ok = Yes > > +++++++++++++++++++++++++++++++++++++ > # cat /etc/xinetd.d/netbios-ssn > service netbios-ssn > { > socket_type = stream > protocol = tcp > wait = no > user = root > server = smbd > disable = no > } > > +++++++++++++++++++++++++++++++++++++ > # cat /etc/xinetd.d/netbios-ns > service netbios-ns > { > socket_type = dgram > protocol = udp > wait = yes > user = root > server = nmbd > disable = no > } > > Test 4: > ================================================================> from //DS > # nmblookup -B DS __SAMBA__ > querying __SAMBA__ on 192.168.10.68 > 192.168.10.68 __SAMBA__<00> > > from //IW > # nmblookup -B DS __SAMBA__ > querying __SAMBA__ on 192.168.10.68 > name_query failed to find name __SAMBA__<00> > > Test 5: > ================================================================> from //DS > # nmblookup -B MS '*' > querying * on 192.168.10.65 > 192.168.10.65 *<00> > > from //IW > # nmblookup -B MS '*' > querying * on 0.0.0.0 > 192.168.10.1 *<00> > > Test 6: > ================================================================> from //DS > # nmblookup -d 2 '*' > added interface ip=192.168.10.68 bcast=192.168.10.255 > nmask=255.255.255.0 > querying * on 192.168.10.255 > Got a positive name query response from 192.168.10.65 > ( 192.168.10.65 ) > Got a positive name query response from 192.168.10.1 ( > 192.168.10.1 ) > 192.168.10.65 *<00> > 192.168.10.1 *<00> > > from //IW > added interface ip=127.0.0.1 bcast=127.255.255.255 > nmask=255.0.0.0 > added interface ip=192.168.10.1 bcast=192.168.10.255 > nmask=255.255.255.0 > querying * on 127.0.0.255 > Got a positive name query response from 127.0.0.1 ( > 192.168.10.1 ) > 192.168.10.1 *<00> > > Test 7: > ================================================================> from //DS > # smbclient //DS/public -U root > Connection made. > > from //IW > # smbclient //DS/public -U root > added interface ip=127.0.0.1 bcast=127.255.255.255 > nmask=255.0.0.0 > added interface ip=192.168.10.1 bcast=192.168.10.255 > nmask=255.255.255.0 > Connection to DS failed. > > Tests 8 - 11 > ================================================================> fail. > > > > __________________________________________________ > Do you Yahoo!? > Yahoo! Shopping - Send Flowers for Valentine's Day > http://shopping.yahoo.com > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba