Date: Wed, 2 Mar 2016 21:12:25 +0100 From: "O. Hartmann" <ohartman@zedat.fu-berlin.de> To: Rainer Hurling <rhurlin@gwdg.de> Cc: Reko Turja <reko.turja@liukuma.net>, FreeBSD CURRENT <freebsd-current@freebsd.org> Subject: Re: mounting CIFS share (tcp/445) with FreeBSD and mount_smbfs(8) Message-ID: <20160302211225.73452ba5.ohartman@zedat.fu-berlin.de> In-Reply-To: <56D70065.2010304@gwdg.de> References: <20160301222004.4cdaafc9.ohartman@zedat.fu-berlin.de> <32E522F2674A4DEBBE2492D3A307A0C1@Rivendell> <20160302152939.17333d19@freyja.zeit4.iv.bundesimmobilien.de> <56D70065.2010304@gwdg.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/4.c7B6WdtDYii0REUTJ2swA Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Am Wed, 2 Mar 2016 16:01:57 +0100 Rainer Hurling <rhurlin@gwdg.de> schrieb: > Hi Oliver, >=20 > Am 02.03.16 um 15:29 schrieb O. Hartmann: > > On Tue, 1 Mar 2016 23:39:22 +0200 > > "Reko Turja" <reko.turja@liukuma.net> wrote: > > =20 > >> -----Original Message----- > >> From: O. Hartmann > >> Subject: mounting CIFS share (tcp/455) with FreeBSD and mount_smbfs(8)= =20 > >>> > >>> I need to mount a CIFS share from windows server 2012 r2 via CIFS, tc= p/445 > >>> as NetBIOS service (tcp/139) has been deprecated due to serious > >>> vulnerability issues. . > >>> . > >>> . > >>> I desperately need CIFS and I need tcp/445 since tcp/139 is from now = on > >>> firewalled. =20 > >> > >> There's actually alternative available that's far more UNIX-friendly a= nd not > >> depending on the SAMBA foibles. > >> > >> https://technet.microsoft.com/en-us/library/jj574143.aspx?f=3D255&MSPP= Error=3D-2147217396 > >> > >> Of course, you need to have admin access to the server or get the admi= ns > >> enable NFS on it. > >> > >> -Reko > >> > >> (I've used the Windows NFS the other way around- FreeBSD NFS shares mo= unted > >> with on Win7.) _______________________________________________ > >> freebsd-current@freebsd.org mailing list > >> https://lists.freebsd.org/mailman/listinfo/freebsd-current > >> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.= org" =20 > > > > Using others than CIFS is impossible, I'm dependend on existing service= s. > > Within the next forseable time port tcp/139 gets firewalled. > > > > So far I have compiled NETSMB, SMBFS, LIBMCHAIN and LIBICONV (I think t= he > > latter two are prerequests for NETSMB/SMBFS, didn't find much in the ve= ry > > sparse and unfinished docs for that subject!) into the kernel. > > > > I found this following the exact subject I ran into: > > > > http://agreif.blogspot.de/2014/01/blog-post.html > > > > It doesn't work with either SAMBA 4.3 or Windows Server 2012 R2. Consid= er the > > following situation. > > > > Windows/samba server has IP 10.0.0.1, it's WINS name is locus, its doma= in is > > ASUF the user is pimmel. The passowrd is in /etc/nsmb.conf, > > hashed: > > > > > > [default] > > charsets=3Dutf-8:utf-8 > > > > [LOCUS:PIMMEL] > > address=3D10.0.0.1 > > password=3D$$ajdhasuih57 > > > > The, following the above instructions, the mount_smbfs(8) command would= be > > > > mount_smbfs -I10.0.0.1 -Wasuf -N //pimmel@10.0.0.1:445/share /mnt > > > > If -W is fed with ASUF (all uppercase), I get a strange error: > > > > mount_smbfs: invalid local charset specification (IT4) > > > > Connecting to the SAMBA 4.3 server, and with -Wasuf, I get > > > > mount_smbfs: unable to open connection: syserr =3D RPC struct is bad > > > > Connectingto the Windows 2012 R2 server results in > > > > mount_smbfs: unable to open connection: syserr =3D Connection reset by = peer > > > > First, the manpage for mount_smbfs(8) is everything else than FreeBSD s= tandard! > > There is an unexplained option "-n opt". What is that? > > > > Second, CIFS over tcp/445 seems to be now very(!) common in the Windooz= e world > > - why is that fact not reflected by FreeBSD? I tried to find some > > explanations/manpages for "man netsmb" or "smbfs" (the kernel options),= but > > none found :-( > > > > My interpretation of the above errors are: FreeBSD is incapable to hand= le CIFS > > over tcp/445. The above URL/site claims to have solved the problem, but= it > > seems not true for CURRENT. =20 >=20 > For me, the described scenario works well with base smbfs (on recent=20 > HEAD amd64). My configuration differs in some way from yours. I use recent HEAD (most recent, just recompiled world a minute ago ...) >=20 > GROUPNAME, SERVERNAME, and USERNAME should be written in capital letters= =20 > (?), domainname\\username in small letters (?): I have almost every permutation used by now. Using -WUPPERCASE on the comma= ndline gives me strange errors like: mount_smbfs: invalid local charset specification (IT4), -wlowercase doen't. Using tcp/139 NetBIOS with both Samba 4.3 and Win 2012 R2 works with lowerc= ase username, servername. >=20 >=20 > # ------------------------------------------- > #cat /etc/nsmb.conf > ... > [default] > workgroup=3DGROUPNAME >=20 > [SERVERNAME] > nbns=3Dxxx.xxx.xxx.xxx (IPv4 address) > charsets=3DUTF-8:CP866 > addr=3Dservername.xxx.de >=20 > [SERVERNAME:USERNAME] > username=3Ddomainname\\username > password=3DHASHED_PASSWORD >=20 >=20 > # ------------------------------------------- > My entries in /etc/fstab look like this: > ... > ### Mountpoints for mount_smbfs (of base system) > //username@servername/dir /SMB/DIR smbfs rw,late 0 0 >=20 > [and this also works with port 445:] > //username@servername:445/dir /SMB/DIR smbfs rw,late > 0 0 >=20 >=20 > # ------------------------------------------- > !!! If this was a real hashed password in your mail above, you should=20 > change it ... it isn't ;-) >=20 > HTH and greetings, > Rainer Thanks and kind regards, Oliver --Sig_/4.c7B6WdtDYii0REUTJ2swA Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJW10kqAAoJEOgBcD7A/5N8WcsIAIFsGQSFR4dD7fDWhDBugDjU 6+hS5UG1flshV7738be1HBEAFwIjyI7Pt3m9boc8w3RWt4igKNgYfefjtUZLy1cp WbpZtgeM4+Jw2msq9vSoGMkBAw4hp/sVB5Xfi/ISFrCk1a/IpjTwdR8w2Rv77qME GDHzCdJgoEb9a5De27JepZBgNwXDR+I7bUD5bqlykzYH7o1pygo2PwpLuPANECbR 5iEtO4TMZQl3SDii8nEPKgQ+CEZd9Df6m3R/fjrrIxho21gwjpLZH1W3CNuA/pWI MmTUn+pmmVQauFpD9kwcdNj+bLSg0NLJxpv82QT/nAxy7pDwRI25vtlH+Tsn6FY= =mUfN -----END PGP SIGNATURE----- --Sig_/4.c7B6WdtDYii0REUTJ2swA--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160302211225.73452ba5.ohartman>