From owner-freebsd-questions@FreeBSD.ORG Thu Jul 5 11:40:09 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 189B716A46B for ; Thu, 5 Jul 2007 11:40:09 +0000 (UTC) (envelope-from g.v.tjongahung@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.245]) by mx1.freebsd.org (Postfix) with ESMTP id BD7CC13C487 for ; Thu, 5 Jul 2007 11:40:08 +0000 (UTC) (envelope-from g.v.tjongahung@gmail.com) Received: by an-out-0708.google.com with SMTP id c14so577219anc for ; Thu, 05 Jul 2007 04:40:08 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=kB/OC8SIJkX7rE5ahzqg+Rdz5Ohjn13MGTSMYMKE3kp4XJiG+5PCgS1t78UQ2gwtuq+62yOTpjVMbQjYjNtBAsuoFWq205LU4boKZtKgmk5/u5uwx2JF0qMYKCpYjutq9XhAle2/54+69nLUdpYBqYDSPapHnfMKwrukfo92YI0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=lBVC9+OLZ2P7WW0EtN7Ny+RWNah23siF4N5VtOhyXteMnGrlISoV71g5aNnzy2mj6TCPNgErY4rxHyMJaFTBt8+H3uyQCRw1nan5X547WbFfC/bQ+09EoNTFw89+DmSlp7qQ/Qb2lFJIFtTv3dAF7KwyFTJGVDF8rHxvmunEPbI= Received: by 10.100.125.5 with SMTP id x5mr5252225anc.1183635607822; Thu, 05 Jul 2007 04:40:07 -0700 (PDT) Received: by 10.100.45.6 with HTTP; Thu, 5 Jul 2007 04:40:07 -0700 (PDT) Message-ID: <822946050707050440y2e4fd269t607c15c8a2f06524@mail.gmail.com> Date: Thu, 5 Jul 2007 13:40:07 +0200 From: "Gabor Tjong A Hung" To: "Norberto Meijome" In-Reply-To: <20070705110308.7096cbe9@localhost> MIME-Version: 1.0 References: <822946050707040018o1877737ia46252c8ae40fc9b@mail.gmail.com> <20070705005329.65be3130@localhost> <822946050707041022p1e55f853n242dfba946f7bf7b@mail.gmail.com> <20070705110308.7096cbe9@localhost> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: Fwd: Samba NetBios X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jul 2007 11:40:09 -0000 Dear all, The idea is to share it over a local area network. This LAN has a wins server. my server has a jail in which samba resides. In order for the LAN to be serviced by my jailed samba I have NATED and RDRed the required packets In order for the LAN to browse the network NETBIOS seems to be a problem. AFAIK when one sends a netBIOS packet an ip is embedded and the response is sent to that ip. NAT only redirects the packet to he appropriate network, but apparently the packet needs to be altered too in order for a response to be sent. I hope this information was sufficient smb_jail_ip="10.0.0.3" int_ip="172.20.25.177" samba_UDP_ports = "{netbios-ns, netbios-dgm}" samba_TCP_ports = "{microsoft-ds, netbios-ssn}" #smb nat on $int_if from $smb_jail_ip to $int_if:network ->$int_ip rdr on $int_if proto TCP from any to $int_ip port $samba_TCP_ports -> $smb_jail_ip rdr on $int_if proto UDP from any to $int_if:broadcast port $samba_UDP_ports -> $smb_jail_ip rdr on $int_if proto UDP from any to $int_ip port $samba_UDP_ports -> $smb_jail_ip pass in quick on $int_if all pass out quick on $int_if all On 7/5/07, Norberto Meijome wrote: > > On Wed, 4 Jul 2007 19:22:13 +0200 > "Gabor Tjong A Hung" wrote: > > > Dear all, > > > > I was told that my questions was better served here than in ports@ > > > > > > > I've recently put my samba server in a jail, but as you can see @ > > > http://www.faughnan.com/netbios.html NetBIOS is a bit of a problem and > can > > > cause alot of headache. I was unable to find a nat helper for pf, so I > was > > > wondering if I could bridge my jail with it's host. the bridge > > > manual >however > > > requires me to have *two* network devices(or so it says), but my > > > jails are just aliases on the same network device. > > > Does anyone know another solution to make browsing possible? or have a > > clue > > > on how to make the solutions I tried work. > > > > > > >ifconfig > > > rl0: flags=8843 mtu 1500 > > > options=8 > > > inet6 fe80::202:44ff:fe30:dd04%rl0 prefixlen 64 scopeid 0x1 > > > inet 172.20.25.177 netmask 0xfffffc00 broadcast 172.20.27.255 > > > inet 10.0.0.3 netmask 0xffffffff broadcast 10.0.0.3 > > > inet 10.0.0.2 netmask 0xffffffff broadcast 10.0.0.2 > > > inet 10.0.0.6 netmask 0xffffffff broadcast 10.0.0.6 > > > inet 10.0.0.4 netmask 0xffffffff broadcast 10.0.0.4 > > > inet 10.0.0.5 netmask 0xffffffff broadcast 10.0.0.5 > > > ether 00:02:44:30:dd:04 > > > media: Ethernet autoselect (100baseTX ) > > > status: active > > hi Gabor, > are you trying to share over SMB between the jails? > between the hosts and the jails? > you may want to explain your plans... using NAT for netbios seems a bit > overkill to me, unless you plan to send SMB packets over the larger > internet...which in itself seems a bad idea. > > If you only need SMB across different LAN segments, setup WINS server(s) > (MS or > from the Samba project). > > B > _________________________ > {Beto|Norberto|Numard} Meijome > > "It is a lesson which all history teaches wise men, to put trust in ideas, > and > not in circumstances." Emerson > > I speak for myself, not my employer. Contents may be hot. Slippery when > wet. > Reading disclaimers makes you go blind. Writing them is worse. You have > been > Warned. >