Date: Tue, 28 Feb 2006 22:07:52 +1100 From: Michael Vince <mv@roq.com> To: freebsd-stable@freebsd.org Subject: FreeBSD 6-stable hosts.allow and samba Message-ID: <44042F08.9010606@roq.com>
next in thread | raw e-mail | index | archive | help
Hi Guys,
I have been stuffing around for a silly amount of time trying to connect
to a test samba install on a 6-stable box with from WinXP with no success.
I checked the logs like hell on (enabled all.log) and saw nothing, no
server rejections nothing. In log.nmbd I did see a bunch of nice
messages like host resolution and master browser successful elections etc.
After trying just about everything to connect to the Samba I enabled
"ALL : ALL : allow" in hosts.allow as a last resort and boom there comes
up my samba server via MS windows.
This is what I had in hosts.allow below.
ALL : localhost 127.0.0.1 : allow
ALL : 192.168.0. : allow
ALL : ALL \
: severity auth.info \
: twist /bin/echo "You are not welcome to use %d from %h."
Looking at the example hosts.allow I can see why this would fail as IP
based address are always fully netmasked unlike my short handed "ALL :
192.168.0. : allow"
The examples and hostnames like .evil.cracker.example.com are used
through me off a bit as I just assumed it would work, and also because
such terminology is used in the smb.conf
I think its a bit ordinary that nothing comes up in any of the logs in
/var/log when samba rejects with no warning via tcpwrappers and I
believe there should be something in hosts.allow to say that something
like "ALL : 192.168.0. : allow" doesn't work at all such as
# This does not work
# ALL : 192.168.0. : allow
# Use full sub-netting terminology instead
# ALL : 192.168.0.0/255.255.255.0 : allow
I think this is needed as I believe I have been burned by this before
and I can only assume other people have as well.
Just my thoughts
Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44042F08.9010606>