samba - Feb 2006 - Samba seems to cause complete server crash

Hi all,

I have done some extensive searching, and drawn a blank so far...

Nothing odd is reported in samba logs, or in the syslog file.

However, if I try to play an avi straight off the samba server, on an XP 
client with MP10, it brings the whole deal to its knees after a few mins at 
the most. I have to hard reset the server.

Other than this, all my other uses are flawless (game server, dhcp, 
firewall, teamspeak, peerguardian... etc).

I don't _think_ its a firewall problem, as all internal traffic is ACCEPTED 
by default, and I don't have a permissions problem or any browsing errors...
it just dies when I play a video?!

I'm using FC4, with samba V3.0

If anyone has any suggestions on where to go from here, I would be very 
grateful.

Other than this, everything is rosy.

Mike F


---------

Steve Freeman schrieb:
> Hi all,
> 
> I have done some extensive searching, and drawn a blank so far...
> 
> Nothing odd is reported in samba logs, or in the syslog file.
> 
> However, if I try to play an avi straight off the samba server, on an XP 
> client with MP10, it brings the whole deal to its knees after a few mins 
> at the most. I have to hard reset the server.
> 
> Other than this, all my other uses are flawless (game server, dhcp, 
> firewall, teamspeak, peerguardian... etc).
> 
> I don't _think_ its a firewall problem, as all internal traffic is 
> ACCEPTED by default, and I don't have a permissions problem or any 
> browsing errors... it just dies when I play a video?!
> 
> I'm using FC4, with samba V3.0
> 
> If anyone has any suggestions on where to go from here, I would be very 
> grateful.
> 
> Other than this, everything is rosy.
check your hardware.

do some heavy computations and large file copying, etc.

-- 
Tomasz Chmielewski
http://wpkg.org

On Mon, Feb 06, 2006 at 12:31:18PM +0000, Steve Freeman
wrote:
> Hi all,
> 
> I have done some extensive searching, and drawn a blank so far...
> 
> Nothing odd is reported in samba logs, or in the syslog file.
> 
> However, if I try to play an avi straight off the samba server, on an XP 
> client with MP10, it brings the whole deal to its knees after a few mins at
> the most. I have to hard reset the server.
Kernel bug. That's the only thing that puts the kernel in that state.

Jeremy.

Steve Freeman wrote:
> Hi,
> 
> Cured the kernel problem, I now get a very good service from samba.
> 
> However, in my /var/log/samba directory, there are a lot of public IP 
> attempts to gain access. All are denied, however, why are they getting 
> past iptables?
> 
> My INPUT policy is set to DROP, and although I allow certain ports, none 
> of them are 139 or similar.
> 
> Also, my hosts allow is set to my local subnet (hence their denial).
> 
> Any ideas?
> 
> Kind regards,
> 
> Mike F
post your iptables rules:

~#] iptables -L --line-numbers

-- 
My Website: http://messinet.com
My Online Gallery: 
http://messinet.com/modules.php?name=Web_Links&l_op=visit&lid=3

Thank you Anthony. The following is the output

-----------------------------------

Chain FORWARD (policy DROP)
num  target     prot opt source               destination
1    QUEUE      all  --  anywhere             anywhere
2    ACCEPT     all  --  anywhere             anywhere

Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    QUEUE      all  --  anywhere             anywhere
2    ACCEPT     all  --  anywhere             anywhere            (NB - this 
should refer to loopback)
3    ACCEPT     all  --  anywhere             anywhere            (NB - and 
this one, the internal NIC)
4    ACCEPT     tcp  --  anywhere             anywhere            tcp 
spt:http
5    ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:http
6    ACCEPT     tcp  --  anywhere             anywhere            tcp 
spt:domain
7    ACCEPT     udp  --  anywhere             anywhere            udp 
spt:domain
8    ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:8767
9    ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:3000
10   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:ssh
11   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:ftp
12   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:13139
13              tcp  --  anywhere             anywhere            tcp 
dpts:14690 :14693
14   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpts:27243 :27425
15   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:27900
16   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:28900
17   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:29900
18   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:29901
19   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:6500
20   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:6515
21   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:3783
22   ACCEPT     tcp  --  anywhere             anywhere            tcp 
dpt:ircd
23   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:13139
24              udp  --  anywhere             anywhere            udp 
dpts:14690 :14693
25   ACCEPT     udp  --  anywhere             anywhere            udp 
dpts:27423 :27425
26   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:27900
27   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:28900
28   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:29900
29   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:29901
30   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:6500
31   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:6515
32   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:3783
33   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:ircd
34   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:20500
35   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:20510
36   ACCEPT     udp  --  anywhere             anywhere            udp 
dpt:28960

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
1    QUEUE      all  --  anywhere             anywhere

----------------------------------------

Kind regards, and thanks again,

Mike F
>From: Anthony Messina <amessina@messinet.com>
>
>post your iptables rules:
>
>~#] iptables -L --line-numbers
>
>--
>My Website: http://messinet.com
>My Online Gallery: 
>http://messinet.com/modules.php?name=Web_Links&l_op=visit&lid=3

Steve Freeman wrote:
> Hi,
> 
> Thanks to those who replied to my security question. The QUEUE rule was 
> the culprit, and it shouldnt have been there.
> 
> It came from the peerguardian daemon (a privacy filter, ironically!), 
> and should have only been applied to the OUTPUT,FORWARD tables only, NOT 
> the INPUT. I have modified the code to remove the INPUT and recompiled. 
> Solved.
> 
> It has really helped to voice this on here, although it was not samba 
> related. The samba log is now clean. Thanks again,
> 
> Mike
> 
> 
glad you found the cause.  i was wondering what the queue was for 
anyway.   :)

-- 
My Website: http://messinet.com
My Online Gallery: 
http://messinet.com/modules.php?name=Web_Links&l_op=visit&lid=3