From owner-freebsd-stable@FreeBSD.ORG Tue Feb 28 11:09:10 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 84FD516A441 for ; Tue, 28 Feb 2006 11:09:10 +0000 (GMT) (envelope-from mv@roq.com) Received: from p4.roq.com (ns1.ecoms.com [207.44.130.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0AC5343DD5 for ; Tue, 28 Feb 2006 11:07:54 +0000 (GMT) (envelope-from mv@roq.com) Received: from p4.roq.com (localhost.roq.com [127.0.0.1]) by p4.roq.com (Postfix) with ESMTP id 6C33A4C7C3 for ; Tue, 28 Feb 2006 11:09:05 +0000 (GMT) Received: from [192.168.0.6] (ppp157-158.static.internode.on.net [150.101.157.158]) by p4.roq.com (Postfix) with ESMTP id A617A4C7BF for ; Tue, 28 Feb 2006 11:09:04 +0000 (GMT) Message-ID: <44042F08.9010606@roq.com> Date: Tue, 28 Feb 2006 22:07:52 +1100 From: Michael Vince User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.12) Gecko/20060213 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP Subject: FreeBSD 6-stable hosts.allow and samba X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2006 11:09:11 -0000 Hi Guys, I have been stuffing around for a silly amount of time trying to connect to a test samba install on a 6-stable box with from WinXP with no success. I checked the logs like hell on (enabled all.log) and saw nothing, no server rejections nothing. In log.nmbd I did see a bunch of nice messages like host resolution and master browser successful elections etc. After trying just about everything to connect to the Samba I enabled "ALL : ALL : allow" in hosts.allow as a last resort and boom there comes up my samba server via MS windows. This is what I had in hosts.allow below. ALL : localhost 127.0.0.1 : allow ALL : 192.168.0. : allow ALL : ALL \ : severity auth.info \ : twist /bin/echo "You are not welcome to use %d from %h." Looking at the example hosts.allow I can see why this would fail as IP based address are always fully netmasked unlike my short handed "ALL : 192.168.0. : allow" The examples and hostnames like .evil.cracker.example.com are used through me off a bit as I just assumed it would work, and also because such terminology is used in the smb.conf I think its a bit ordinary that nothing comes up in any of the logs in /var/log when samba rejects with no warning via tcpwrappers and I believe there should be something in hosts.allow to say that something like "ALL : 192.168.0. : allow" doesn't work at all such as # This does not work # ALL : 192.168.0. : allow # Use full sub-netting terminology instead # ALL : 192.168.0.0/255.255.255.0 : allow I think this is needed as I believe I have been burned by this before and I can only assume other people have as well. Just my thoughts Mike