Quote:
Originally Posted by saavik
Well really interesting.
1. can you give the output of iptables -vnL when you can not start samba ?
|
[root@localhost ~]# iptables -vnL
Chain INPUT (policy DROP 805 packets, 81092 bytes)
pkts bytes target prot opt in out source destination
460 32396 ACCEPT tcp -- * * 10.0.0.0/22 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11
193 27127 ACCEPT udp -- * * 10.99.16.5 0.0.0.0/0 udp spt:53 dpts:1024:65535
0 0 ACCEPT tcp -- * * 10.99.16.5 0.0.0.0/0 tcp spt:53 dpts:1024:65535
18 1406 ACCEPT udp -- * * 10.99.16.7 0.0.0.0/0 udp spt:53 dpts:1024:65535
0 0 ACCEPT tcp -- * * 10.99.16.7 0.0.0.0/0 tcp spt:53 dpts:1024:65535
14 1064 ACCEPT udp -- * * 10.99.16.5 0.0.0.0/0 udp spt:123
0 0 ACCEPT tcp -- * * 10.3.0.0/24 0.0.0.0/0 tcp dpt:111
0 0 ACCEPT udp -- * * 10.3.0.0/24 0.0.0.0/0 udp dpt:111
0 0 ACCEPT tcp -- * * 10.3.0.0/24 0.0.0.0/0 tcp dpt:2049
0 0 ACCEPT udp -- * * 10.3.0.0/24 0.0.0.0/0 udp dpt:2049
0 0 ACCEPT tcp -- * * 10.3.0.0/24 0.0.0.0/0 tcp dpts:4000:4005
0 0 ACCEPT udp -- * * 10.3.0.0/24 0.0.0.0/0 udp dpts:4000:4005
0 0 ACCEPT tcp -- * * 10.4.0.0/24 0.0.0.0/0 tcp dpt:111
0 0 ACCEPT udp -- * * 10.4.0.0/24 0.0.0.0/0 udp dpt:111
0 0 ACCEPT tcp -- * * 10.4.0.0/24 0.0.0.0/0 tcp dpt:2049
0 0 ACCEPT udp -- * * 10.4.0.0/24 0.0.0.0/0 udp dpt:2049
0 0 ACCEPT tcp -- * * 10.4.0.0/24 0.0.0.0/0 tcp dpts:4000:4005
0 0 ACCEPT udp -- * * 10.4.0.0/24 0.0.0.0/0 udp dpts:4000:4005
0 0 ACCEPT tcp -- * * 10.5.0.0/24 0.0.0.0/0 tcp dpt:111
0 0 ACCEPT udp -- * * 10.5.0.0/24 0.0.0.0/0 udp dpt:111
0 0 ACCEPT tcp -- * * 10.5.0.0/24 0.0.0.0/0 tcp dpt:2049
0 0 ACCEPT udp -- * * 10.5.0.0/24 0.0.0.0/0 udp dpt:2049
0 0 ACCEPT tcp -- * * 10.5.0.0/24 0.0.0.0/0 tcp dpts:4000:4005
0 0 ACCEPT udp -- * * 10.5.0.0/24 0.0.0.0/0 udp dpts:4000:4005
0 0 ACCEPT tcp -- * * 10.99.17.0/24 0.0.0.0/0 tcp dpt:111
0 0 ACCEPT udp -- * * 10.99.17.0/24 0.0.0.0/0 udp dpt:111
0 0 ACCEPT tcp -- * * 10.99.17.0/24 0.0.0.0/0 tcp dpt:2049
0 0 ACCEPT udp -- * * 10.99.17.0/24 0.0.0.0/0 udp dpt:2049
0 0 ACCEPT tcp -- * * 10.99.17.0/24 0.0.0.0/0 tcp dpts:4000:4005
0 0 ACCEPT udp -- * * 10.99.17.0/24 0.0.0.0/0 udp dpts:4000:4005
0 0 ACCEPT udp -- * * 10.99.23.49 0.0.0.0/0 udp dpt:137
4 996 ACCEPT udp -- * * 10.99.23.49 0.0.0.0/0 udp dpt:138
0 0 ACCEPT tcp -- * * 10.99.23.49 0.0.0.0/0 tcp dpt:139
0 0 ACCEPT tcp -- * * 10.99.23.49 0.0.0.0/0 tcp dpt:445
0 0 ACCEPT udp -- * * 10.0.1.21 0.0.0.0/0 udp dpt:137
0 0 ACCEPT udp -- * * 10.0.1.21 0.0.0.0/0 udp dpt:138
0 0 ACCEPT tcp -- * * 10.0.1.21 0.0.0.0/0 tcp dpt:139
0 0 ACCEPT tcp -- * * 10.0.1.21 0.0.0.0/0 tcp dpt:445
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 914 packets, 230K bytes)
pkts bytes target prot opt in out source destination
[root@localhost ~]#
Quote:
2. I am sure that you do not need to open any ports to the eth to start samba as we have several server working with samba but not allowing any connection for the eth.
|
Well, since the only difference is with the firewall running or not...
Quote:
3. does /log/messages say anything
|
Nope.
Quote:
4. does /log/samba/smb... say anything
|
Nope.
[root@localhost ~]# echo "<<< MARK >>>" >> /var/log/messages
[root@localhost ~]# echo "<<< MARK >>>" >> /var/log/samba/smbd.log
[root@localhost ~]# service smb start
Starting SMB services:
[root@localhost ~]# tail /var/log/messages
Sep 12 12:53:46 localhost dhclient: DHCPACK from 10.99.16.1
Sep 12 12:53:46 localhost dhclient: bound to 10.99.23.49 -- renewal in 1668 seconds.
Sep 12 13:21:34 localhost dhclient: DHCPREQUEST on eth0 to 10.99.16.1 port 67
Sep 12 13:21:34 localhost dhclient: DHCPACK from 10.99.16.1
Sep 12 13:21:34 localhost dhclient: bound to 10.99.23.49 -- renewal in 1403 seconds.
Sep 12 13:44:57 localhost dhclient: DHCPREQUEST on eth0 to 10.99.16.1 port 67
Sep 12 13:44:57 localhost dhclient: DHCPACK from 10.99.16.1
Sep 12 13:44:57 localhost dhclient: bound to 10.99.23.49 -- renewal in 1480 seconds.
<<< MARK >>>
[root@localhost ~]# tail /var/log/samba/smbd.log
10.0.1.21 (10.0.1.21) connect to service data initially as user nfsnobody (uid=65534, gid=65534) (pid 7576)
[2008/09/12 12:07:31, 1] smbd/service.c:close_cnum(1230)
10.0.1.21 (10.0.1.21) closed connection to service data
[2008/09/12 12:16:07, 0] smbd/server.c:main(948)
smbd version 3.0.28-1.el5_2.1 started.
Copyright Andrew Tridgell and the Samba Team 1992-2007
<<< MARK >>>
[2008/09/12 13:45:51, 0] smbd/server.c:main(948)
smbd version 3.0.28-1.el5_2.1 started.
Copyright Andrew Tridgell and the Samba Team 1992-2007