Web lists-archives.com

Re: [Samba] Make nmbd bind to interfaces only






On 11/02/2019 18:32, Harry Jede via samba wrote:
Am 11.02.19 um 18:47 schrieb Nick Howitt via samba:
Hi,
I would like to have nmbd only bind to the interfaces specified in the interfaces line of smb.conf, in the same way that smbd does. When researching this I did come across a mailing list thread saying there was no use case, but I think I have one.

For many years ClearOS has been providing NT4 style domains and unix-style shares. M$ upset the applecart last year with their 1803 update when joining NT4 domains got broken (it has since been fixed since September '18, but I would assume the writing is on the wall for NT4 domains).

To get round the issue I loaded samba into docker using the https://github.com/Fmstrat/samba-domain container. I wanted to continue to use the ClearOS samba configuration (v4.7.1 and soon to follow Centos to 4.8.3) for its file-sharing as a domain member. One of the problems I had was that if the native ClearOS instance of samba was started, the docker instance would refuse to start because of a port clash.

You should start your container with a real ethernet adapter! Search for:

docker tap

or

docker tuntap

Thanks. Not so easy to research but I am trying. I'll also ask at the docker forums.

I am concerned as to how this will help as nmbd is binding to 0.0.0.0. If I introduce a new interface, won't nmbd effectively also bind to that?
To get round this for smbd was easy. All I had to do was bind to interfaces only, but nmbd would not obey. For nmbd I had to set:

nmbd bind explicit broadcast = yes
socket address = 192.168.20.1

This is sort of OK if I have one LAN interface, but ClearOS is, among other things, a router/firewall and as such can have multiple LAN and/or VLAN interfaces. Socket address can only have one IP address so I can't get all LAN interfaces to bind to it. Is there a way round this or does it make a reasonable use case for a modification request.

Thanks,

Nick






--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba