Firewall Samba driving me nuts
"Unable to find any workgroups in your local network. This might be caused by an enabled firewall."
I get this message when trying to access one linux machine to the other. I have samba set up between two machines using Fedora 8. I have the firewall checked for allow samba in my firewalls, and ports 137-139, 445 set up in allowed in Selinux settings. I even opened up port 137-139 for the two IP address in the router firewalls. Note I have both machines set up the same: Fedora 8, same workgroup, and same shared file. Maybe I am confusing the system or something? I have read many posts and setup Howto's. I had both of these machines running Samba configuration just fine under Fedora 5. The main difference that I know of is that I did not have SElinux activated then. Here is my smb.conf code. Code:
[root@localhost sbin]# testparm /etc/samba/smb.conf Quote:
Quote:
|
Disabling your firewall will prove whether or not it is getting in the way.
|
You don't allow ports in SELinux, so I don't understand your comment there.
if you're trying to attach to localhost, that's the machine your on not the other box. Temporarily disable SeLinix with setenforce 0 (that's a zero) on both boxes and give it a go. |
Make sure your computers hostnames aren't local host.
Share level security is obsolete. It would be better to use "Security = user". Use the "smbpasswd" program to enter in each windows user/password so that the "/etc/samba/passwd" data is correct. If you have a globally writable share be sure to set the "sticky" bit. You can create it with chmod a=rwxt /path/to/directory Check out the services on the other computer like: smbclient -L <hostname> Look for a samba-doc package. ( FC may include the docs with the samba package however ) The "Samba 3 by Example" book is very good. It takes you through step by step in creating a number of sample setups. |
Thanks for the speedy response:
I did as recommended before posting but did again just to be sure: Quote:
[ Code:
root@localhost ~]# smbclient -L localhost Quote:
Set security to user Code:
security = user Quote:
|
I did all of the recommendations and it did not change. I did restart smb and rebooted to be sure that it accepted the changes.
In both machines using Konqueror I see the one machine called Graysnew. When I try to access the shared file called "Shared" the password authentication screen pops up but it wont accept the pass words I just set by smbpasswd??. I cant see my second machine's shared files (should be seen as localhost since that machine is not given a special name). Both machines ping just fine. It is like it does not recognize the user and password. This is the smbusers file: Code:
[root@localhost samba]# cat smbusers |
if you rebooted, SELinux is back on since setenforce is not persistent.
If you can, diable your firewalls (not practical if connected to net), disable SELinux, and try it. At least you can rul out those elements and concentrate on the config Edit Question - where do Windows users come in? Aren't you looking at two Fedora boxes??? |
No, the name "localhost" is not fine. You need to change it. If you try to ping localhost you will be pinging yourself instead of that computer.
When you ran "smbclient -L localhost" you were looking at the shares on the local machine and not the remote host. |
Quote:
Quote:
Quote:
I able to do this before? Same two machines, and all. Just FC5? |
Quote:
If you have one computer named "localhost", when another computer tries to reach it, it will reach itself. The only reason the "localhost" is the default, is that if there was another default, two computers with the same default hostname would cause more problems. You absolutely need to change the hostname. This could actually be what your problem is. Another computer won't be able to find your computer by hostname. Another thing you want to do is to use "smbclient -L <hostname>" from another computer. If you don't have another Linux machine, then look at "net view \\<netbios-name>" or "net view \\IP_ADDRESS". Also check that ports 137-139 are open. If a host is XP, it may not have NETBIOS over IP installed and rely on IP alone. If this is the case, it doesn't use broadcasts for browsing. You may need port 445 open in that case. Enabling WINS support in the Samba server ( only one WINS server is allowed per subnet) might help and is required if you want browsing to cross a subnet. The main advantage of using WINS is to reduce network traffic in a windows network do to browsing related broadcasts which are sent to every host in a subnet. |
In Fedora you'll find the hostname in /etc/sysconfig/network or similar. Have a look in there - will check when I have access to a Fedora box
|
Quote:
If you think you may know why I get the message "The file or folder smb://foo1/foo2 does not exist." please let me know. Thanks again :) |
Is anything coming up in the logs?
How does foo2 tie in with the Shared or other share definition in smb.conf? |
here is the last log:
Code:
[root@grayold samba]# cat log.graysnew Quote:
Code:
[root@GraysNew ~]# testparm /etc/samba/smb.conf |
I have set the folder and all files open to everyone. Note the users gray and mythtv have full writes.
Code:
drwxrwxrwx 3 gray mythtv 4096 2008-02-24 17:17 Shared/ |
All times are GMT -5. The time now is 05:25 AM. |