Discussion:
nmbd does not listen
jean-francois
2010-03-07 13:31:53 UTC
Permalink
Hi,

After installing the default system + installing samba I am in front on a
system now working but not replyying to windows port 137 requests to nmbd for
mapping the server, the windows neighboor function.

After checking netstat I see that nmbd is not in listen on this port however
running.

Is there some basic configuration I missed to do ?

Regards
Rogier Krieger
2010-03-07 14:18:49 UTC
Permalink
Post by jean-francois
Is there some basic configuration I missed to do ?
As a quick check, did you start both smbd and nmbd components (ps ax
is your friend here) and did you place the necessary lines in
/etc/rc.local as per the message you received upon install? If you
missed that, see pkg_info(1) and its -M option.

Alternatively, review the log files for samba to see what's (not) happening.

Regards,

Rogier
jean-francois
2010-03-07 18:10:20 UTC
Permalink
Post by Rogier Krieger
Post by jean-francois
Is there some basic configuration I missed to do ?
As a quick check, did you start both smbd and nmbd components (ps ax
is your friend here) and did you place the necessary lines in
/etc/rc.local as per the message you received upon install? If you
missed that, see pkg_info(1) and its -M option.
Alternatively, review the log files for samba to see what's (not) happening.
Regards,
Rogier
Yes, daemons are loaded.

# ps -ax | grep mbd
5434 ?? Is 0:00.01 /usr/local/libexec/smbd
28545 ?? I 0:00.00 /usr/local/libexec/smbd
19915 ?? Ss 0:00.03 /usr/local/libexec/nmbd
2725 ?? I 0:00.11 /usr/local/libexec/smbd

In rc.local I don't have the -M option, what is this for ?

if [ -x /usr/local/libexec/smbd ]; then
echo -n ' smbd'
/usr/local/libexec/smbd
fi
if [ -x /usr/local/libexec/nmbd ]; then
echo -n ' nmbd'
/usr/local/libexec/nmbd

I have a process relative to nmbd binding to UDP 137 in the systat net page -
but it's not mentionned LISTEN or ESTABLISHED, it's just empty as if the
process was not listening. It's nmbd. This process does'nt listen actually
apprearently.

In log it says the following which seems understanble since nmbd does not
listen on UDP 137.

Mar 7 19:03:04 serveur nmbd[19915]: [2010/03/07 19:03:04, 0]
/usr/obj/ports/samba-3.0.34/samba-3.0.34/source/libsmb/nmblib.c:send_udp(793)
Mar 7 19:03:04 serveur nmbd[19915]: Packet send failed to 10.0.1.255(138)
ERRNO=Host is down
J.C. Roberts
2010-03-07 20:15:24 UTC
Permalink
On Sun, 7 Mar 2010 19:10:20 +0100 "jean-francois"
Post by jean-francois
Post by Rogier Krieger
Post by jean-francois
Is there some basic configuration I missed to do ?
As a quick check, did you start both smbd and nmbd components (ps ax
is your friend here) and did you place the necessary lines in
/etc/rc.local as per the message you received upon install? If you
missed that, see pkg_info(1) and its -M option.
Alternatively, review the log files for samba to see what's (not) happening.
Regards,
Rogier
Yes, daemons are loaded.
# ps -ax | grep mbd
5434 ?? Is 0:00.01 /usr/local/libexec/smbd
28545 ?? I 0:00.00 /usr/local/libexec/smbd
19915 ?? Ss 0:00.03 /usr/local/libexec/nmbd
2725 ?? I 0:00.11 /usr/local/libexec/smbd
In rc.local I don't have the -M option, what is this for ?
He was speaking of the package tools and how to get the install message
again if you missed it the first time. For example:

$ pkg_info -M samba

For more information:

$ man pkg_info
Post by jean-francois
if [ -x /usr/local/libexec/smbd ]; then
echo -n ' smbd'
/usr/local/libexec/smbd
fi
if [ -x /usr/local/libexec/nmbd ]; then
echo -n ' nmbd'
/usr/local/libexec/nmbd
I have a process relative to nmbd binding to UDP 137 in the systat
net page - but it's not mentionned LISTEN or ESTABLISHED, it's just
empty as if the process was not listening. It's nmbd. This process
does'nt listen actually apprearently.
In log it says the following which seems understanble since nmbd does
not listen on UDP 137.
Mar 7 19:03:04 serveur nmbd[19915]: [2010/03/07 19:03:04, 0]
/usr/obj/ports/samba-3.0.34/samba-3.0.34/source/libsmb/nmblib.c:send_udp
(793) Mar 7 19:03:04 serveur nmbd[19915]: Packet send failed to
10.0.1.255(138) ERRNO=Host is down
Are you sure the desired processes have opened the desired ports?

$ fstat | grep -E 'USER|internet'

Are you sure your /etc/pf.conf is allowing connections?

-jon
Jean-Francois
2010-03-07 21:37:23 UTC
Permalink
Post by J.C. Roberts
On Sun, 7 Mar 2010 19:10:20 +0100 "jean-francois"
Post by jean-francois
Post by Rogier Krieger
Post by jean-francois
Is there some basic configuration I missed to do ?
As a quick check, did you start both smbd and nmbd components (ps ax
is your friend here) and did you place the necessary lines in
/etc/rc.local as per the message you received upon install? If you
missed that, see pkg_info(1) and its -M option.
Alternatively, review the log files for samba to see what's (not) happening.
Regards,
Rogier
Yes, daemons are loaded.
# ps -ax | grep mbd
5434 ?? Is 0:00.01 /usr/local/libexec/smbd
28545 ?? I 0:00.00 /usr/local/libexec/smbd
19915 ?? Ss 0:00.03 /usr/local/libexec/nmbd
2725 ?? I 0:00.11 /usr/local/libexec/smbd
In rc.local I don't have the -M option, what is this for ?
He was speaking of the package tools and how to get the install message
$ pkg_info -M samba
$ man pkg_info
Post by jean-francois
if [ -x /usr/local/libexec/smbd ]; then
echo -n ' smbd'
/usr/local/libexec/smbd
fi
if [ -x /usr/local/libexec/nmbd ]; then
echo -n ' nmbd'
/usr/local/libexec/nmbd
I have a process relative to nmbd binding to UDP 137 in the systat
net page - but it's not mentionned LISTEN or ESTABLISHED, it's just
empty as if the process was not listening. It's nmbd. This process
does'nt listen actually apprearently.
In log it says the following which seems understanble since nmbd does
not listen on UDP 137.
Mar 7 19:03:04 serveur nmbd[19915]: [2010/03/07 19:03:04, 0]
/usr/obj/ports/samba-3.0.34/samba-3.0.34/source/libsmb/nmblib.c:send_udp
(793) Mar 7 19:03:04 serveur nmbd[19915]: Packet send failed to
10.0.1.255(138) ERRNO=Host is down
Are you sure the desired processes have opened the desired ports?
$ fstat | grep -E 'USER|internet'
Are you sure your /etc/pf.conf is allowing connections?
-jon
I am not sure but believe the problem is in smb.conf
I tried to change many parameters to make nmbd LISTEN and answer UDP/137
requests without success.

root nmbd 18581 7* internet dgram udp *:137
root nmbd 18581 8* internet dgram udp *:138
root nmbd 18581 9* internet dgram udp 10.0.1.1:137
root nmbd 18581 10* internet dgram udp 10.0.1.1:138
root smbd 23715 19* internet stream tcp 0xd78abc84 *:445
root smbd 23715 20* internet stream tcp 0xd78abe14 *:139
root sshd 24099 4* internet6 stream tcp 0xd78ab644 *:60000
root sshd 24099 5* internet stream tcp 0xd78ab7d4 *:60000

Thank you
Philip Guenther
2010-03-08 04:13:34 UTC
Permalink
On Sun, Mar 7, 2010 at 1:37 PM, Jean-Francois <***@gmail.com> wrote:
...
Post by Jean-Francois
I am not sure but believe the problem is in smb.conf
...but you'll not actually show the contents of that file. I take it
you're taking the problem to the samba mailing lists then?
Post by Jean-Francois
I tried to change many parameters to make nmbd LISTEN and answer UDP/137
requests without success.
Repeat after me: UDP IS STATELESS.

Indeed, a quick examination of the output of netstat on any OpenBSD
system shows that the state column is *always* empty for UDP sockets.

As for answering requests, how do you know it isn't? Did you trace
the process? Did you use tcpdump to confirm that the packets were
being received? Have you confirmed that your pf config isn't blocking
them?

It's been years since I've had to deal with samba, so I can't really
help you further...other than to point out that you failed to provide
any information about your system or the samba you're running. What
version of OpenBSD? Did you install the samba package from the ftp
site, or did you build the port yourself, or did you download the
source and build it yourself without using the ports framework?


Philip Guenther
Jean-Francois
2010-03-08 07:37:19 UTC
Permalink
Hello,
wrote: ...
Post by Jean-Francois
I am not sure but believe the problem is in smb.conf
...but you'll not actually show the contents of that file. I take it
you're taking the problem to the samba mailing lists then?
I used the default file, with "security user" and two mount points shared as
user. I then tried to change the paramters as "local master" and "domain
master" as explained in the mal and examples.
I did not ask to samba mailing list simply because I did not yet suggested it
came from smb.conf - I am not sure about this.
Post by Jean-Francois
I tried to change many parameters to make nmbd LISTEN and answer UDP/137
requests without success.
Repeat after me: UDP IS STATELESS.
Thanks for the reminder. Yet I did not know that for this reason, LISTEN
was'nt mentionned.
Indeed, a quick examination of the output of netstat on any OpenBSD
system shows that the state column is *always* empty for UDP sockets.
As for answering requests, how do you know it isn't? Did you trace
the process? Did you use tcpdump to confirm that the packets were
being received? Have you confirmed that your pf config isn't blocking
them?
I did'nt trace the process, but tcpdump show the packets, pflog confirms that
the rule pass in pf.conf lets correctly passing the packets.
It's been years since I've had to deal with samba, so I can't really
help you further...other than to point out that you failed to provide
any information about your system or the samba you're running. What
version of OpenBSD? Did you install the samba package from the ftp
site, or did you build the port yourself, or did you download the
source and build it yourself without using the ports framework?
It's 4.6 default + samba 3 default from packages.
I did not copy all informations such as content of smb.conf and pf.conf as I
did not feel it necessary - for the first, it is close enough from default and
for the second it's perfectly patching what is needed for process to work.
Philip Guenther
Christiano F. Haesbaert
2010-03-08 16:38:51 UTC
Permalink
I'm gonna give a long shot here, are you sure nmbd doesn't rely on
multicast packets ? I remember it used broadcast, but as M$ changes
protocol specifications as they produce bad code.

If so, you need to enable multicast, man 7 netstart os your friend.

Also, use tcpdump as stated before to confirm package exchanges.
Jean-Francois
2010-03-13 16:11:22 UTC
Permalink
Post by Jean-Francois
[...]
Post by Philip Guenther
As for answering requests, how do you know it isn't? Did you trace
the process? Did you use tcpdump to confirm that the packets were
being received? Have you confirmed that your pf config isn't blocking
them?
I did'nt trace the process, but tcpdump show the packets, pflog confirms
that the rule pass in pf.conf lets correctly passing the packets.
[...]
Post by Philip Guenther
Philip Guenther
I used the info from Christiano Haesbaert and achieved to make it work
correctly with pf and multi-cast packets forwarding by setting mfordarding=1
in sysctl and host=re0 in rc.conf.

I also traced the process nmbd and found this problem, which is also logged in
the log file smb.nmbd in /var/log

<27>Mar 13 16:55:15 nmbd[7796]: Packet send failed to 10.0.1.255(138)
ERRNO=Host is down

I can't find out deeper the problem in this case.
Any help from you please ?

Thanks a lot & regards.
JF
Christiano F. Haesbaert
2010-03-27 00:32:12 UTC
Permalink
Post by Jean-Francois
Post by Jean-Francois
[...]
Post by Philip Guenther
As for answering requests, how do you know it isn't? Did you trace
the process? Did you use tcpdump to confirm that the packets were
being received? Have you confirmed that your pf config isn't blocking
them?
I did'nt trace the process, but tcpdump show the packets, pflog confirms
that the rule pass in pf.conf lets correctly passing the packets.
[...]
Post by Philip Guenther
Philip Guenther
I used the info from Christiano Haesbaert and achieved to make it work
correctly with pf and multi-cast packets forwarding by setting mfordarding=1
in sysctl and host=re0 in rc.conf.
I also traced the process nmbd and found this problem, which is also logged in
the log file smb.nmbd in /var/log
<27>Mar 13 16:55:15 nmbd[7796]: Packet send failed to 10.0.1.255(138)
ERRNO=Host is down
I can't find out deeper the problem in this case.
Any help from you please ?
Really late answer but that error message is due the reject route for
multicast, or no route at all.
--
Christiano Farina HAESBAERT
Do NOT send me html mail.
Loading...