I broke samba, but I don't know how

Concillian · 04-06-2004, 12:11 AM

Mandrake 10.0 Community

I use the box as my router and fileserver, so it has 2 network interfaces, the built in 3com 905 based(eth0), and an intel gigabit card for the local network(eth1). It recently replaced an old Celeron machine I had that was simply working as a router (no fileserving)

First thing I did was get samba running, with my old machine still running the routing functions. I created a smb.conf that suited my needs. It worked FINE.

Then I moved the routing functions over to the new box, by moving some network cables around and running the mandrake ICS 'wizard' (which I have since learned is not the hottest idea, but what's done is done.) Samba still worked, as long as I opened the right ports. It worked fine for weeks. I disassembled the old computer, moved gigs of files to the new, and am now pretty much dependent on the new computer.

So recently I wanted to forward an internet port to a local net computer. This is whe I learned that the Mandrake ICS 'wizard' was not so good. Shorewall config was not cooperating. So I decided to back out and re-run the ICS 'wizard', which overwrites all the shorewall setup files. Which should have set me back to where I was before I started trying to forward a port. As far as I can see the shorewall config files look the same as they did before I started trying to forward a port (I was only messing with /etc/shorewall/rules, which I, unfortunately, had not backed up before mucking about.)

This broke samba somehow.

I don't know how, but it has. The ports 167,168,and 169 show as open both to the local network and the internet (but the smb.conf allows only 192.168.0.x.) They are open for both TCP and UDP. The drive mappings I made on the windows boxes no longer work, and I cannot see the computer from the "Network Neighborhood" on the Windows boxes. I also cannot search for the name I have named the computer in the smb.conf. Actually, I can search all I want for it, but I never find anything

I've verified that my smb.conf hasn't been changed by some Mandrake wizard, it's the same as before. Samba is definitely running on boot and will start fine if I issue the command 'samba restart'

Everything else that I used this computer for before works, as far as I can tell. I can ping it, I can FTP to it, and it is still my router to the internet. My packets are merrily traveling through it right now. But somehow samba got b0rked.

I'm pretty much at a loss as to what may be causing my samba woes, any ideas of where to look are appreciated.

edit:
smbfind from the linux box also does not show any of the winboxen, but I don't know if it did before I broke samba.

Concillian · 04-08-2004, 12:49 PM

I am still experiencing this problem and still have no idea what the cause even could be.

Any ideas would be helpful. At this point I'm considering just re-installing over the weekend. And not using the MCC ICS 'wizard' in favor of a more standard shorewall configuration. While that would work, I'd like to avoid reinstalling.

michaelk · 04-08-2004, 01:24 PM

Make sure that both smbd and nmbd are running.
Check the samba logs for any errors.

I assume that ports 167, 168 and 169 was a typo and you really meant 137, 138 and 139.

If you do not specify a netbios name= in the smb.conf file then samba defaults to the hostname of the PC.

muah · 04-08-2004, 01:27 PM

It seems to be a firewall problem

Quote:

The ports 167,168,and 169 show as open both to the local network and the internet (but the smb.conf allows only 192.168.0.x.) They are open for both TCP and UDP.

AFAIK Samba uses ports 138 and 139 (both UDP and TCP). I allowed these two on my firewall settings and was able to connect to it so I guess these are the all ports u need to open for incomming connections.

Can u connect to the samba shares from that computer itself?

Concillian · 04-08-2004, 11:54 PM

I did mean 137, 138 and 139 not 167,168, and 169.

I just double checked the shorewall config just to be sure, and indeed that is the case. Also, using a free internet security scan shows those ports open (is there a way to do a local net port probe from one of the windows boxes to verify these ports are indeed open?)

smbd and nmbd are running, and I can mount the samba shares on the linux box itself using the same username/password I've been trying to connect with from the WinBoxen. I only tried mounting one of the shares, but if that works, the others should too.

I have named the computer with netbios name = fileserv in the smb.conf.

Thanks so far.
-- Matt

muah · 04-09-2004, 04:26 AM

There are port scanners for Windows, just google for them. On the other hand if u log dropped packets on your firewall u should have a look at the log. Or try to shutdown firewall for a minute and see if it works when its off.

If u realize ports are open and samba still not working try to connect to the computer using its IP address instead of netbios name (eg. \\192.168.1.1\share_name)

Concillian · 04-09-2004, 11:48 AM

Okay so it works if I use the IP address.

So the question I have now is why am I unable to see the server through other methods... As I said before, I did not change the smb.conf, just after messing with shorewall configuration files were my shares suddenly unavailable. How do I get them back to normal?

I guess now it's not critical, I can just re-map using the IP, but with any 'event' that happens with my Linux box, I like to use it as a learning experience as well.

here is my smb.conf:

Code:

[global]
   workgroup = cross
   netbios name = fileserv
   server string = Samba Server %v
   printcap name = cups
   load printers = yes
   printing = cups

   log file = /var/log/samba/samba.log
   max log size = 1024
   log level = 1
   hosts allow = 192.168.0. 127.0.0.1
   guest account = pcguest
   map to guest = bad user
   security = user
   encrypt passwords = yes
   smb passwd file = /etc/samba/smbpasswd

   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   interfaces = 192.168.0.1/24  
   remote announce = 192.168.0.255 
   os level = 66
   domain master = yes 
   preferred master = yes

#====== Share Definitions ========
 [printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   guest ok = yes
   writable = no
   printable = yes
   create mode = 0700
   print command = lpr-cups -P %p -o raw %s -r   # using client side printer drivers.

[print$]
   path = /var/lib/samba/printers
   browseable = yes
   read only = yes
   write list = @adm root
   guest ok = yes

[pdf-generator]
   path = /var/tmp
   guest ok = yes
   printable = yes
   comment = PDF Generator
   #print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP &
   print command = /usr/share/samba/scripts/print-pdf %s ~%u //%L/%u %m %I "%J" &

[homes]
	 comment = Home Directories
	 path = /raid/smbshares/home/%u   		 
	 browseable = no
	 writable = yes

[media]
	 comment = Media, mp3s, video, pictures
	 path = /raid/smbshares/media
	 writable = yes
	 browsable = yes
         guest ok = yes
	 create mode = 0666
	 directory mode = 0777

[public]
	 path = /raid/smbshares/public
	 public = yes
	 browsable = yes
         writable = yes
	 guest ok = yes
	 create mode = 0666
	 directory mode = 0777

[setup]
	 comment = Setup files for new Win installs
	 path = /raid/smbshares/setup
	 public = yes		 
	 writable = yes
	 browsable = yes
	 guest ok = yes
	 create mode = 0666
	 directory mode = 0777

Thanks for the help
-- Matt

michaelk · 04-09-2004, 12:49 PM

What version of windows are the other PCs?

On the windows machines in a command box try:
net view

Does it show the samba shares?

You can also enter the linux box in the hosts file on windows.

Concillian · 04-10-2004, 12:42 PM

Quote:

Originally posted by michaelk
What version of windows are the other PCs?

On the windows machines in a command box try:
net view

Does it show the samba shares?

Other PCs are Win2K SP4
net view only shows the Windows machines ... even after adding the IP address and name for the linux box in the hosts file for the Windows machines.

If I do net view fileserv I can see the 'browsable' linux box shares.

For whatever reason, my old samba users weren't working, I had to delete them and add them again to the Linux box for the non-public shares to work.

So after adding to the hosts file I can get there directly through the name and the ip, but I still cannot browse to any of the shares.

muah · 04-11-2004, 01:20 PM

Not sure if I understand correctly what is wrong. You can see browsable shares but u cant access them from the windows machine, right?

If that is the problem, what message does windows say? Keeps asking for username/password or says something like access denied?

You said u added the users to the linux box again, did u add them to samba too (smbpasswd -a username)?

Concillian · 04-11-2004, 01:38 PM

I can reach the shares through mapping the drives, as long as I input the IP address or the name directly.

for example If I want to map to the 'public' share of the linux box, I can map it only if I input \\192.168.0.1\public into the dialogue box in Windows. If I hit the 'browse' button, I will never see the linux box, since it doesn't show up in the list there.
Because I have put '192.168.0.1 fileserv in the hosts file using \\fileserv\public will work as well.

Seperate issue/annomoly:

When I first used the IP address to access the shares directly all was well. However, yesterday it was asking for a username/password, despite that username/password working the previous day (the linux box hasn't been shut down in over a week). I couldn't find a way to access the shares again. It was giving a username/password error and asking for a new password. Neither the samba password or the password for that username on the normal linux box login were working (I use a simple/relatively insecure password for samba, but since the box is connected to the internet, the user passwords on the box are significantly more secure.)

To remedy this, I removed and added all users from samba with the smbpasswd command (-x to remove and -a to add , blah blah). Once I did this, all the users worked fine again from the Windows boxes...good thing I only have like four users.

I didn't change any of the users/passwords on the linux box itself, only for samba. As soon as I removed and re-added them to the smbpasswd file, all was back to normal. This was more of an odd anomoly, that I can't explain.

When my computers aren't predictable I start getting nervous.

Since I have everything I need mapped directly on the Windows boxes, there isn't a problem per se, but I would like to understand what happened so I can learn. I'd also like to be able to reach the linux box by browsing through the Windows 'Network Neighborhood'

michaelk · 04-11-2004, 08:06 PM

Have you installed any W2K updates lately?
Is netbios over TCP/IP enabled?
Check to make sure that port 445 is open on the firewall.

Concillian · 04-11-2004, 09:38 PM

No W2k updates in the last few weeks anyway

TCP/IP is the only protocol installed on the W2k machines, so I would assume that means I'm using netbois over TCP/IP

445 was not open, I just opened it for the local network, verified it was open on the local network using a port scanner, and waited 15 minutes ... no change, still cannot browse to the linux box with net view or the Network Neighborhood unless I specifically input the name or IP.

muah · 04-12-2004, 02:22 AM

I have samba configured to act as a WINS server and that solves all my problems with browsing network neigbourhood from clients - they just download list of machines from the server and its much faster than if they neeeded to search for other computers on their own. Some info about setting Samba as WINS server is here .

PS: Dont forget to enter IP of the new WINS server in clients' TCP/IP configuration