Phil Quesinberry
2013-Apr-18 14:34 UTC
[Samba] Strange behavior when using 'hosts allow' parameter
I wanted to bring attention to some odd behavior which I don't believe is
intentional.
With Samba running, I can go to a Windows machine on the network
(10.0.0.0/24) and see all of the Samba shares by pulling up an Explorer
window and going to \\Server1. Everything appears to work as expected.
However, if I populate the 'hosts allow' parameter within smb.conf as
follows:
hosts allow = 10.0.0. 127.
I can no longer see the shares by going to \\Server1. I can, however, go to
\\Server1\sharename and pull that up just fine; I just can't see the root
path which contains all of the shares. While this seems like a handy way to
keep users from browsing to see what shares are available, I don't think
that was the intent.
Configuration info is included below. I'll be happy to provide any
additional information required upon request.
Testparm output:
Load smb config files from /usr/local/samba/etc/smb.conf
rlimit_max: increasing rlimit_max (2048) to minimum Windows limit (16384)
Processing section "[netlogon]"
Processing section "[sysvol]"
Processing section "[hldata]"
Processing section "[C]"
Processing section "[D]"
Processing section "[MacData]"
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Server role: ROLE_ACTIVE_DIRECTORY_DC
Press enter to see a dump of your service definitions
[global]
workgroup = HERSCHLAUREN
realm = HERSCHLAUREN.COM
server string = HerschLinux
interfaces = 10.0.0.15/24, 127.0.0.1/8
server role = active directory domain controller
passdb backend = samba_dsdb
deadtime = 15
add machine script = /usr/sbin/useradd -n -g machines -d /dev/null -s /sbin/nologin %u
preferred master = Yes
domain master = Yes
wins support = Yes
allow dns updates = nonsecure and secure
dns forwarder = 10.0.0.1
rpc_server:tcpip = no
rpc_daemon:spoolssd = embedded
rpc_server:spoolss = embedded
rpc_server:winreg = embedded
rpc_server:ntsvcs = embedded
rpc_server:eventlog = embedded
rpc_server:srvsvc = embedded
rpc_server:svcctl = embedded
rpc_server:default = external
idmap config * : backend = tdb
invalid users = nobody, root
hosts allow = 10.0.0., 127.
map archive = No
map readonly = no
store dos attributes = Yes
vfs objects = dfs_samba4, acl_xattr
[netlogon]
path = /usr/local/samba/var/locks/sysvol/herschlauren.com/scripts
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[hldata]
comment = Data directory for entire Windows share (Samba)
path = /hldata
valid users = administrator, lhall, pquesinb, tcordes, vquesinberry, phil
read only = No
[C]
comment = C: Drive
path = /hldata/C
valid users = administrator, lhall, pquesinb, tcordes, vquesinberry, phil
read only = No
[D]
comment = D: Drive
path = /hldata/D
valid users = administrator, lhall, pquesinb, tcordes, vquesinberry, phil
read only = No
[MacData]
comment = MacData directory
path = /hldata/D/D Drive/MacData
valid users = administrator, lhall, pquesinb, tcordes, vquesinberry, phil
read only = No
[printers]
comment = All Printers
path = /usr/local/samba/var/spool
printable = Yes
print ok = Yes
browseable = No
[print$]
comment = Point and Print Printer Drivers
path = /usr/local/samba/var/print
Version is 4.1.0pre1-GIT-0fa404c
Phil Quesinberry
Q Systems Engineering, Inc.
Embedded Systems Hardware/Software Development and VoIP Business Telephone
Hosting
Improve your business telephone services and save money
(410) 969-8002
http://www.qsystemsengineering.com
Phil Quesinberry
2013-Apr-19 15:58 UTC
[Samba] Strange behavior when using 'hosts allow' parameter
Some additional info on this. When copying files from another host on the network which is allowed by the hosts allow entry, I get 'denied by access rules' entries filling the log at over 1000 lines per second. Log level is currently set to 3. I'm guessing I need to file a bug report:
[2013/04/19 00:24:49, 0] ../source4/lib/socket/access.c:356(socket_check_access) socket_check_access: Denied connection to 'smbd' from LOCAL/unixdom (LOCAL/unixdom)
[2013/04/19 00:24:49, 3] ../source4/smbd/service_stream.c:63(stream_terminate_connection) Terminating connection - 'denied by access rules'
[2013/04/19 00:24:49, 3] ../source4/smbd/process_single.c:114(single_terminate) single_terminate: reason[denied by access rules]
[2013/04/19 00:24:49, 3] ../source4/lib/socket/access.c:298(only_ipaddrs_in_list) only_ipaddrs_in_list: list has non-ip address (10.0.0.)
[2013/04/19 00:24:49, 0] ../source4/lib/socket/access.c:356(socket_check_access) socket_check_access: Denied connection to 'smbd' from LOCAL/unixdom (LOCAL/unixdom)
[2013/04/19 00:24:49, 3] ../source4/smbd/service_stream.c:63(stream_terminate_connection) Terminating connection - 'denied by access rules'
[2013/04/19 00:24:49, 3] ../source4/smbd/process_single.c:114(single_terminate) single_terminate: reason[denied by access rules]
[2013/04/19 00:24:49, 3] ../source4/lib/socket/access.c:298(only_ipaddrs_in_list) only_ipaddrs_in_list: list has non-ip address (10.0.0.)
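An added example (not part of the original post and not Samba code): a small Python summarizer for log excerpts in the format pasted above. It counts the access-rule denials per peer and per second and lists the allow-list entries that smbd reported as non-IP. The function names are hypothetical, and the sample string is constructed from the post's own log lines plus its truncated final entry.

```python
import re
from collections import Counter

# Entry header as it appears in the post, e.g.
# [2013/04/19 00:24:49, 0] ../source4/lib/socket/access.c:356(socket_check_access)
HEADER = re.compile(r"\[(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d)[^,\]]*,\s*(?P<level>\d+)[^\]]*\]"
                    r"\s+\S+?:\d+\((?P<func>\w+)\)")
DENIED = re.compile(r"Denied connection to '(?P<svc>[^']+)' from (?P<peer>\S+)")
NON_IP = re.compile(r"list has non-ip address \((?P<entry>[^)]*)\)")

def parse_entries(text):
    """Return (timestamp, level, function, message) per entry. The message is the
    text up to the next header, so one-line and two-line layouts both parse."""
    heads = list(HEADER.finditer(text))
    entries = []
    for i, m in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(text)
        entries.append((m["ts"], int(m["level"]), m["func"], " ".join(text[m.end():end].split())))
    return entries

def summarize(text):
    """Count access-rule denials per (service, peer) and per second, and collect
    the allow-list entries reported as not being plain IP addresses."""
    denied, per_second, non_ip = Counter(), Counter(), set()
    for ts, _level, func, msg in parse_entries(text):
        hit = DENIED.search(msg)
        if func == "socket_check_access" and hit:
            denied[(hit["svc"], hit["peer"])] += 1
            per_second[ts] += 1
        entry = NON_IP.search(msg)
        if entry:  # a truncated entry has no message and is skipped here
            non_ip.add(entry["entry"])
    return {
        "denied": dict(denied),
        "peak_per_second": max(per_second.values(), default=0),
        "non_ip_entries": sorted(non_ip),
        # Peers whose logged address starts with LOCAL/ rather than an IP address
        "local_peers": sorted({p for _s, p in denied if p.startswith("LOCAL/")}),
    }

# Constructed sample: log lines from the post, flattened onto one line as archived.
CYCLE = ("[2013/04/19 00:24:49, 0] ../source4/lib/socket/access.c:356(socket_check_access) "
         "socket_check_access: Denied connection to 'smbd' from LOCAL/unixdom (LOCAL/unixdom) "
         "[2013/04/19 00:24:49, 3] ../source4/smbd/service_stream.c:63(stream_terminate_connection) "
         "Terminating connection - 'denied by access rules' "
         "[2013/04/19 00:24:49, 3] ../source4/lib/socket/access.c:298(only_ipaddrs_in_list) "
         "only_ipaddrs_in_list: list has non-ip address (10.0.0.) ")
SAMPLE = CYCLE * 2 + "[2013/04/19 00:24:49, 3] ../source4/lib/socket/access.c:298(only_ipaddrs_in_list)"

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Run against a full log file, the `local_peers` and `peak_per_second` fields separate the denials logged for `LOCAL/unixdom` from any denials of real network clients.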