After much experimentation, I have a question concerning Samba and Firewall security. I am running Suse 10.0, SuseFirewall2 and Samba 3.0.20b-3.8-1162-SUSE.
I have set up shares from Suse to the outside world and all is well in that regard.
The Suse PC cannot browse the domain/workgroup without a workaround. (In my case, my domain.)
If I shut down the FW and browse the network, all is well. I can restart the FW and I can continue to browse the network with the FW enabled.
If I log off and log back on, I must again shut down the FW before I can browse the network.
I have assigned the NIC interface to "Internal" and I have enabled Samba Server, I have also enabled TCP ports 137 and 138 and UDP port 139. (BTW: I type ports 137, 138, 139, 445 into the TCP and UDP enabled ports, and the FW configurator removed TCP 139, 445 and UDP 137, 138 & 445.)
Specifically what I want is to be able to boot the machine with the FW enabled and browse the network without a special workaround.
Thanks in advance for your help,
Jim
P.S.
When the FW is re-enabled, I can see the computers in my domain, but I cannot see the shares on one (Windows) PC. (Shares on other PCs are available.) If I disable the FW, I can browse all of the shares on all of the PCs in the network: (1) Suse 10, (2) Suse 9.1, (3) Collax (Linux w/ Windows domain), and (4) Windows XP Pro.
Maybe a more important question: Is the Suse firewall needed while I am using a router with firewall? I am using a Netgear FVS-318 router.
I just ran a test where I disabled the SW FW and then I went to the "Shields Up!" website (https://www.grc.com/x/ne.dll?bh0bkyd2 or http://www.grc.com) and after I ran their tests, it was determined that my PC is very secure with respect to open ports and file shares.
Opinions concerning SW vs HW firewalls are greatly appreciated.
Thanks again, Jim
(I just read a message that stated that "you are never safe!" and it suggested running a log checker. It is so easy to spot someone else's question after I have posted my own.)
Quote:
I have assigned the NIC interface to "Internal" and I have enabled Samba Server, I have also enabled TCP ports 137 and 138 and UDP port 139. (BTW: I type ports 137, 138, 139, 445 into the TCP and UDP enabled ports, and the FW configurator removed TCP 139, 445 and UDP 137, 138 & 445.)
it's my understanding that the ports you need are:
The following explanation is my understanding of how the Suse FW works:
The interface to Suse FW allows rules to be created in two ways: (1) by "common" service name, and (2) by port or ip protocol. I selected "Samba Server" by common service name and then I typed port 137 138 139 and 445 into the allowed ports for TCP and UDP. If the FW interface recognizes that a port manually entered is associated with a "common" service name, it will remove the port from the list and add the common name to the list of services.
So Suse listed "Samba Service" under "allowed service" and it listed 137 TCP and 138, 139 and 445 UDP ports under "Additional allowed ports."
___
I see by the log that UDP 137 is being dropped. How do I get the FW to allow UDP 137? If I manually type UDP 137, it is removed and I assumed until now that UDP 137 was covered by a common service name as described above.
I do not know how to manipulate iptables manually, i.e. without the FW interface. I feel like I am so close to the solution and I cannot get the last part.
Quote:
I see by the log that UDP 137 is being dropped. How do I get the FW to allow UDP 137? If I manually type UDP 137, it is removed and I assumed until now that UDP 137 was covered by a common service name as described above.
sorry, i'm not sure how the suse firewall works...
Quote:
I do not know how to manipulate iptables manually, i.e. without the FW interface. I feel like I am so close to the solution and I cannot get the last part.
hang in there, i'm sure someone familiar with the suse firewall will post soon... in any case, you can execute an iptables rule as a temporary work-around (and as a test to make sure it helps with the problem) while you figure out the suse thing:
I created a script from your code. Thank you very much!!
If I run the script from the command line, the network is browsable.
Then I added the script to /etc/init.d/boot.local, which is run just before the system enters run-level 5, and after I rebooted, the network was not browsable.
Is there a better place to put the script?
Sorry about the lengthy post before, but I cannot seem to locate a button for "code tags" as described in the help section. I have smileys and formatting options, but no code tag button.
Quote:
I created a script from your code. Thank you very much!!
If I run the script from the command line, the network is browsable.
Then I added the script to /etc/init.d/boot.local, which is run just before the system enters run-level 5, and after I rebooted, the network was not browsable.
Is there a better place to put the script?
well, if suse has the "service" command like red hat does, then what you'd do is this, right after executing the script:
Code:
service iptables save
Quote:
I am receiving these types of log messages now.
Is there another rule for port & broadcasting??
if your log file is getting cluttered, there's a couple things you can do... first, you can establish a limit to the amount of logging which occurs, like:
First a question. It is my impression that all(*) linux firewalls use iptables as the underlying infrastructure, and that the different firewall products provide front-end interfaces to the user to create iptables rules. Some interfaces are more user-friendly than others and some interfaces may offer more functionality to manipulate all of the possible types of rules that may be needed for any possible configuration.
Regarding the latest reply (# 9), I do not know which log messages are clutter and which are worth investigating. I am nobody's expert in the area of networking and security. I have a good knowledge in some areas and large gaps in knowledge in other areas.
Suse does not have a service command! What does the RedHat service command do? I can look for a similar function in Suse.
I found a command, iptables-save, and this command dumps the iptables rules to a text file. I have posted my configuration to my website @
Quote:
First a question. It is my impression that all(*) linux firewalls use iptables as the underlying infrastructure, and that the different firewall products provide front-end interfaces to the user to create iptables rules. Some interfaces are more user-friendly than others and some interfaces may offer more functionality to manipulate all of the possible types of rules that may be needed for any possible configuration.
your impression is correct... but keep in mind that iptables is just a configuration tool, the underlying infrastructure is netfilter...
Quote:
Regarding the latest reply (# 9), I do not know which log messages are clutter and which are worth investigating. I am nobody's expert in the area of networking and security. I have a good knowledge in some areas and large gaps in knowledge in other areas.
well, clutter is subjective... what's clutter for me might not be clutter for you, and vice versa... broadcasts, however, are considered clutter by a lot of people, so it's what i used in my example...
Quote:
Suse does not have a service command! What does the RedHat service command do? I can look for a similar function in Suse.
I found a command, iptables-save, and this command dumps the iptables rules to a text file. I have posted my configuration to my website @
Please let me know if using my website is improper etiquette for linuxquestions.org.
the iptables-save command is fine, as long as you can find which file suse expects the configuration to be in... try something like this and reboot to check:
Code:
iptables-save > /etc/sysconfig/iptables
you disabled the suse firewall, right??
posting that link to your config at home doesn't violate any rule, but of course we really prefer to have stuff posted in here instead...
I am repeating much information, but I discovered that I can see one of the machines and its shares while the FW is initially running.
Thanks for the clarification of netfilters.
I have gone back to the Suse FW, since I confirmed that iptables is behind the scenes. I am not completely comfortable with my knowledge of iptables, but I can now see how the rules are derived from the settings entered into the FW GUI interface.
I have been continuing to experiment, and I discovered that I can browse the domain controller server.
net 192.168.233.xxx
102 == Suse 10.0: the machine I am trying to fix.
110 == Collax domain controller, a linux server acting as an NT DC. Running FW.
106 == Windows XP Pro running Panda software A/V and FW. (Desktop)
103 == same via wireless adapter
101 == Suse 9.x w/ FW.
104 == Windows XP Pro running Panda software A/V and FW. (laptop not always running)
The primary purpose of the Collax server is the DC, and before last night I did not realize that I was able to browse it from the troubled PC with the FW on. I do not normally do anything with this machine while it is running.
I am not able to browse the domain: message is "unable to find any workgroups in your local network. The may be caused by an enabled firewall."
When I browse the other machines, besides the Collax server, I get the message: "could not connect to host for smb://(computername)/"
Again, if I turn the FW off, I can browse the entire network.
Additionally, if I browse the network with the FW off and I leave the konqueror window open, I can restart the FW and continue to browse the network. That is, I can browse until I log off and log in again.
Thanks again and again, Jim
here are the latest log files with some comments:
Code:
Mar 27 17:33:24 jsparksa SuSEfirewall2: Warning: ip6tables does not support state matching. Extended IPv6 support disabled.
Mar 27 17:33:24 jsparksa SuSEfirewall2: /var/lock/SuSEfirewall2.booting exists which means system boot in progress, exit.
...
Mar 27 17:33:29 jsparksa nmbd[5996]: [2007/03/27 17:33:29, 0] param/loadparm.c:map_parameter(2653)
Mar 27 17:33:29 jsparksa nmbd[5996]: Unknown parameter encountered: "print cache time"
Mar 27 17:33:29 jsparksa nmbd[5996]: [2007/03/27 17:33:29, 0] param/loadparm.c:lp_do_parameter(3402)
Mar 27 17:33:29 jsparksa nmbd[5996]: Ignoring unknown parameter "print cache time"
...
Mar 27 17:33:40 jsparksa smbd[6429]: [2007/03/27 17:33:40, 0] param/loadparm.c:map_parameter(2653)
Mar 27 17:33:40 jsparksa smbd[6429]: Unknown parameter encountered: "print cache time"
Mar 27 17:33:40 jsparksa smbd[6429]: [2007/03/27 17:33:40, 0] param/loadparm.c:lp_do_parameter(3402)
Mar 27 17:33:40 jsparksa smbd[6429]: Ignoring unknown parameter "print cache time"
...
Mar 27 17:33:40 jsparksa smbd[6429]: [2007/03/27 17:33:40, 0] printing/print_cups.c:cups_cache_reload(85)
Mar 27 17:33:40 jsparksa smbd[6429]: Unable to connect to CUPS server localhost - Connection refused
Mar 27 17:33:40 jsparksa smbd[6429]: [2007/03/27 17:33:40, 0] printing/print_cups.c:cups_cache_reload(85)
Mar 27 17:33:40 jsparksa smbd[6429]: Unable to connect to CUPS server localhost - Connection refused
...
Mar 27 17:33:51 jsparksa SuSEfirewall2: Warning: ip6tables does not support state matching. Extended IPv6 support disabled.
Mar 27 17:33:51 jsparksa SuSEfirewall2: Setting up rules from /etc/sysconfig/SuSEfirewall2 ...
Mar 27 17:33:52 jsparksa SuSEfirewall2: batch committing...
Mar 27 17:33:52 jsparksa SuSEfirewall2: Firewall rules successfully set
Mar 27 17:33:58 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC= SRC=192.168.233.101 DST=224.0.0.251 LEN=112 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=92
Mar 27 17:34:24 jsparksa hp: unable to open /var/run/hpiod.port: No such file or directory: prnt/hpijs/hplip_api.c 75
Mar 27 17:34:30 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC= SRC=192.168.233.101 DST=224.0.0.251 LEN=112 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=92
Mar 27 17:34:30 jsparksa modprobe: FATAL: Error inserting sonypi (/lib/modules/2.6.13-15.15-default/kernel/drivers/char/sonypi.ko): No such device
... I do not know if the following two messages are important?
Mar 27 17:36:09 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:44:08:00 SRC=192.168.233.102 DST=192.168.233.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=1025 LEN=70
Mar 27 17:36:30 jsparksa last message repeated 5 times
Mar 27 17:37:08 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:1c:08:00 SRC=192.168.233.106 DST=192.168.233.101 LEN=96 TOS=0x00 PREC=0x00 TTL=128 ID=58389 PROTO=UDP SPT=137 DPT=1025 LEN=76
...
Mar 27 17:38:36 jsparksa kernel: SFW2-INint-ACC-TCP IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:1c:08:00 SRC=192.168.233.106 DST=192.168.233.101 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=58454 DF PROTO=TCP SPT=7045 DPT=139 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)
Mar 27 17:38:36 jsparksa kernel: SFW2-INint-ACC-TCP IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:1c:08:00 SRC=192.168.233.103 DST=192.168.233.101 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=58457 DF PROTO=TCP SPT=7046 DPT=139 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)
Mar 27 17:38:36 jsparksa kernel: SFW2-INint-ACC-TCP IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:1c:08:00 SRC=192.168.233.106 DST=192.168.233.101 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=58459 DF PROTO=TCP SPT=7044 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)
... Are these SMBD messages important. 106 is a Win XP desktop.
Mar 27 17:38:36 jsparksa smbd[7286]: [2007/03/27 17:38:36, 0] lib/util_sock.c:write_data(554)
Mar 27 17:38:36 jsparksa smbd[7286]: write_data: write failure in writing to client 192.168.233.106. Error Connection reset by peer
Mar 27 17:38:36 jsparksa smbd[7286]: [2007/03/27 17:38:36, 0] lib/util_sock.c:send_smb(762)
Mar 27 17:38:36 jsparksa smbd[7286]: Error writing 4 bytes to client. -1. (Connection reset by peer)
*** I am logged in and I am browsing the different computers on the network. ***
Mar 27 22:04:49 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:10:4b:0a:76:f5:08:00 SRC=192.168.233.110 DST=192.168.233.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=1027 LEN=70
Mar 27 22:04:50 jsparksa last message repeated 2 times
Mar 27 22:05:18 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:44:08:00 SRC=192.168.233.102 DST=192.168.233.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=1027 LEN=70
Mar 27 22:05:19 jsparksa last message repeated 2 times
Mar 27 22:07:01 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:10:4b:0a:76:f5:08:00 SRC=192.168.233.110 DST=192.168.233.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=1027 LEN=70
Mar 27 22:07:02 jsparksa last message repeated 4 times
Mar 27 22:07:42 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:44:08:00 SRC=192.168.233.102 DST=192.168.233.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=1027 LEN=70
Mar 27 22:07:43 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:44:08:00 SRC=192.168.233.102 DST=192.168.233.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=1027 LEN=70
Mar 27 22:08:30 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:1c:08:00 SRC=192.168.233.106 DST=192.168.233.101 LEN=96 TOS=0x00 PREC=0x00 TTL=128 ID=948 PROTO=UDP SPT=137 DPT=1027 LEN=76
Mar 27 22:08:30 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:1c:08:00 SRC=192.168.233.103 DST=192.168.233.101 LEN=96 TOS=0x00 PREC=0x00 TTL=128 ID=949 PROTO=UDP SPT=137 DPT=1027 LEN=76
Mar 27 22:09:06 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:44:08:00 SRC=192.168.233.102 DST=192.168.233.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=1027 LEN=70
Mar 27 22:09:07 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:50:04:7b:38:44:08:00 SRC=192.168.233.102 DST=192.168.233.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=1027 LEN=70
Mar 27 22:09:33 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC=00:e0:18:38:d4:6a:00:10:4b:0a:76:f5:08:00 SRC=192.168.233.110 DST=192.168.233.101 LEN=90 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=137 DPT=1027 LEN=70
and here is iptables:
Code:
# Generated by iptables-save v1.3.3 on Mon Mar 26 23:50:42 2007
*mangle
:PREROUTING ACCEPT [880:517134]
:INPUT ACCEPT [879:516558]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1013:108381]
:POSTROUTING ACCEPT [1059:113401]
COMMIT
# Completed on Mon Mar 26 23:50:42 2007
# Generated by iptables-save v1.3.3 on Mon Mar 26 23:50:42 2007
*nat
:PREROUTING ACCEPT [23:3253]
:POSTROUTING ACCEPT [78:5819]
:OUTPUT ACCEPT [78:5819]
COMMIT
# Completed on Mon Mar 26 23:50:42 2007
# Generated by iptables-save v1.3.3 on Mon Mar 26 23:50:42 2007
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [9:468]
:forward_int - [0:0]
:input_int - [0:0]
:reject_func - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -j input_int
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "SFW2-IN-ILL-TARGET " --log-tcp-options --log-ip-options
-A INPUT -j DROP
-A FORWARD -m limit --limit 3/min -j LOG --log-prefix "SFW2-FWD-ILL-ROUTING " --log-tcp-options --log-ip-options
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m limit --limit 3/min -j LOG --log-prefix "SFW2-OUT-ERROR " --log-tcp-options --log-ip-options
-A input_int -p udp -m pkttype --pkt-type broadcast -m udp --dport 137 -j ACCEPT
-A input_int -p udp -m pkttype --pkt-type broadcast -m udp --dport 138 -j ACCEPT
-A input_int -m pkttype --pkt-type broadcast -j DROP
-A input_int -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A input_int -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 0 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 3 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 11 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 12 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 14 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 18 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 3/2 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 5 -j ACCEPT
-A input_int -p tcp -m limit --limit 3/min -m tcp --dport 139 --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-INint-ACC-TCP " --log-tcp-options --log-ip-options
-A input_int -p tcp -m tcp --dport 139 -j ACCEPT
-A input_int -p tcp -m limit --limit 3/min -m tcp --dport 445 --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-INint-ACC-TCP " --log-tcp-options --log-ip-options
-A input_int -p tcp -m tcp --dport 445 -j ACCEPT
-A input_int -p udp -m udp --dport 137 -j ACCEPT
-A input_int -p udp -m udp --dport 138 -j ACCEPT
-A input_int -p tcp -m limit --limit 3/min -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-INint-DROP-DEFLT " --log-tcp-options --log-ip-options
-A input_int -p icmp -m limit --limit 3/min -j LOG --log-prefix "SFW2-INint-DROP-DEFLT " --log-tcp-options --log-ip-options
-A input_int -p udp -m limit --limit 3/min -j LOG --log-prefix "SFW2-INint-DROP-DEFLT " --log-tcp-options --log-ip-options
-A input_int -m limit --limit 3/min -m state --state INVALID -j LOG --log-prefix "SFW2-INint-DROP-DEFLT-INV " --log-tcp-options --log-ip-options
-A input_int -j DROP
-A reject_func -p tcp -j REJECT --reject-with tcp-reset
-A reject_func -p udp -j REJECT --reject-with icmp-port-unreachable
-A reject_func -j REJECT --reject-with icmp-proto-unreachable
COMMIT
# Completed on Mon Mar 26 23:50:42 2007
101 == Suse 10.0: the machine I am trying to fix.
102 == Suse 9.x w/ FW.
Then I started poking around configuration files in etc. I discovered that /etc/hosts was out of date. Last year I changed my net from 192.168.1.xxx to 192.168.233.xxx in order to install a VPN and I did not update this file.
Last year, I also installed the Collax DC and changed the samba configuration from a workgroup to a domain.
Now I can browse each machine individually with the FW enabled!
** I cannot, however, browse the root level domain with the FW enabled. ( smb:/ or smb://(domainname)/ )
If I disable the FW I can browse the root level domain . . .
Is there some configuration that I should verify for the domain?
(Yes, I did look at smb.conf.)
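Added example (not part of the thread and not any poster's code): a Python triage of SuSEfirewall2 kernel log lines like the ones posted above, grouping drops by cause and folding in syslog "last message repeated" lines. The sample lines are constructed from the posted entries with fields shortened, and the category names are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample, shaped like the kernel entries posted above (fields shortened).
SAMPLE_LOG = """\
Mar 27 17:33:58 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= MAC= SRC=192.168.233.101 DST=224.0.0.251 LEN=112 PROTO=UDP SPT=5353 DPT=5353 LEN=92
Mar 27 17:36:09 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= SRC=192.168.233.102 DST=192.168.233.101 LEN=90 PROTO=UDP SPT=137 DPT=1025 LEN=70
Mar 27 17:36:30 jsparksa last message repeated 5 times
Mar 27 22:04:49 jsparksa kernel: SFW2-INint-DROP-DEFLT IN=eth0 OUT= SRC=192.168.233.110 DST=192.168.233.101 LEN=90 PROTO=UDP SPT=137 DPT=1027 LEN=70
Mar 27 17:38:36 jsparksa kernel: SFW2-INint-ACC-TCP IN=eth0 OUT= SRC=192.168.233.106 DST=192.168.233.101 LEN=48 PROTO=TCP SPT=7045 DPT=139 SYN
"""

PREFIX_RE = re.compile(r"kernel: (SFW2-\S+) (.*)$")
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")
REPEAT_RE = re.compile(r"last message repeated (\d+) times")


def parse_line(line):
    """Return the KEY=value fields of one SFW2 kernel log line, or None."""
    m = PREFIX_RE.search(line)
    if not m:
        return None
    fields = {}
    for key, value in FIELD_RE.findall(m.group(2)):
        fields.setdefault(key, value)  # LEN occurs twice; keep the first (IP length)
    fields["PREFIX"] = m.group(1)
    return fields


def classify(pkt):
    """Name the likely cause of a logged packet (labels are this example's own)."""
    if "DROP" not in pkt["PREFIX"]:
        return "accepted"
    proto = pkt.get("PROTO")
    spt, dpt = int(pkt.get("SPT") or 0), int(pkt.get("DPT") or 0)
    if proto == "UDP" and dpt == 5353 and pkt.get("DST") == "224.0.0.251":
        return "mdns-multicast"
    # Unicast NetBIOS name-service answer sent to an ephemeral port. The posted
    # ruleset accepts UDP only on --dport 137/138, and connection tracking does
    # not tie a unicast answer to a broadcast query, so it hits the default DROP.
    if proto == "UDP" and spt == 137 and dpt >= 1024:
        return "netbios-ns-reply"
    return "other-drop"


def summarize(log_text):
    """Count packets per (category, SRC, DPT), honouring syslog repeat lines."""
    counts, last_key = Counter(), None
    for line in log_text.splitlines():
        rep = REPEAT_RE.search(line)
        if rep and last_key is not None:
            counts[last_key] += int(rep.group(1))
            continue
        pkt = parse_line(line)
        if pkt is None:
            last_key = None  # a repeat line only refers to the line just before it
            continue
        last_key = (classify(pkt), pkt.get("SRC"), pkt.get("DPT"))
        counts[last_key] += 1
    return counts


if __name__ == "__main__":
    for (category, src, dpt), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:3d}  {category:17s} src={src} dpt={dpt}")
```

A rule that admits the `netbios-ns-reply` packets has to match on source port 137, which the sender chooses, so it should be limited to the internal subnet.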