|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
Samba connecting to an outside IP address
I'm trying to setup samba share on my OpenBSD5.4-current. Very simple setup, guest access to one folder as read only. Perhaps maybe only shared on the local network 192.168.0.
I can see my server popping up in windows hosts in the network but because I couldn't browse the shares, not even from localhost, I ran smbtree in maximum debugging level. Somehow, samba manages to resolve IO (hostname of the server) to 193.223.78.212 . Err how the heck does that happen? The only mechanisms that i know of that can do that is DNS or /etc/hosts. DNS I don't run and /etc/hosts is standard. If I copy paste the resolved IP address in the address bar I'm proposed to register a .io domain name :confused. I truly don't understand the mechanism why this is happening. Code:
smbtree -d 10 NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH cli_init_creds: user myusername domain mydomainname num_setup=0, max_setup=0, param_total=32, this_param=32, max_param=8, data_total=0, this_data=0, max_data=65535, param_offset=92, param_pad=2, param_disp=0, data_offset=124, data_pad=0, data_disp=0 \\IO OpenBSD Server Connecting to host=IO sitename_fetch: No stored sitename for internal_resolve_name: looking up IO#20 (sitename (null)) name IO#20 found. remove_duplicate_addrs2: looking for duplicate address/port pairs Running timed event "tevent_req_timedout" 0x2ef046f3150 Connecting to 193.223.78.212 at port 445 Running timed event "tevent_req_timedout" 0x2ef046f3d50 Connecting to 193.223.78.212 at port 139 ... ... ... Running timed event "tevent_req_timedout" 0x2ef046f2b50 Running timed event "tevent_req_timedout" 0x2ef046f3b50 Running timed event "tevent_req_timedout" 0x2ef046f2d50 Error connecting to 193.223.78.212 (Undefined error: 0) cli_start_connection: failed to connect to IO<20> (0.0.0.0). Error NT_STATUS_UNSUCCESSFUL Last edited by virtuvoos; 28th October 2013 at 09:01 PM. Reason: syntax error in [/code] |
|
|||
Are you by chance maybe using the name 'nic.io' ?
Code:
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
No, not that I'm aware of.
Code:
$ hostname -s io $ |
|
|||
And what does
$ hostname return?
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Code:
$ hostname io.home $ |
|
|||
At least a [ hostname should contain 3 parts, the name of the host, the domain and the Top Level Domain (TLD).
For example:
So yours is missing a third ingredient I don't know what exactly your Windows clients are doing, but somehow they are resolving home.io to www.nic.io which has the 193.223.78.212 IP address. Probably a failed, or wrongly interpreted double reverse name lookup. If you have an OpenBSD firewall you could run tcpdump there and watch the DNS requests from those Windows clients to see what is happening: Assuming you have a re0 NIC: [ # tcpdump -vvvv -ni re0 -s1500 port 53 It also would be informative if you could post the contents of /etc/resolv.conf and /etc/hosts. An alternative to all this debugging is to simply configure a DNS server in your local LAN and making sure that each host has a proper local hostname of at least three elements.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
A bit of a late reply.
I issued the command smbtree at 11:23:42, it stopped at 11:23:56 spending most of its time trying to find shares on 192.168.2.131 but not succeeding. 192.168.2.131 is the localhost as well as the host serving the samba share. The contents of /etc/resolv.conf Code:
$ cat /etc/resolv.conf # Generated by re0 dhclient search home nameserver 195.130.131.4 nameserver 195.130.130.132 nameserver 192.168.2.1 lookup file bind $ Code:
11:23:45.152604 192.168.2.131.3414 > 195.130.131.4.53: [bad udp cksum 6e1d!] 37829+ A? PC-BUREEL-.home. (33) (ttl 64, id 23373, len 61, [552/674] 0! differs by 15b1) 11:23:45.162916 195.130.131.4.53 > 192.168.2.131.3414: [udp sum ok] 37829 NXDomain q: A? PC-BUREEL-.home. 0/1/0 ns: . [8m51s] SOA a.root-servers. net. nstld.verisign-grs.com. 2013110100 1800 900 604800 86400 (108) (ttl 57, id 14551, len 136) 11:23:45.163127 192.168.2.131.38794 > 195.130.131.4.53: [bad udp cksum fff3!] 2789+ A? PC-BUREEL-. (28) (ttl 64, id 45911, len 56, bad cksum 0! d iffers by bdab) 11:23:45.174856 195.130.131.4.53 > 192.168.2.131.38794: [udp sum ok] 2789 NXDomain q: A? PC-BUREEL-. 0/1/0 ns: . [8m51s] SOA a.root-servers.net. nstld.verisign-grs.com. 2013110100 1800 900 604800 86400 (103) (ttl 57, id 14552, len 131) 11:23:45.186837 192.168.2.131.2799 > 195.130.131.4.53: [bad udp cksum de82!] 22992+ A? CISCO42080.home. (33) (ttl 64, id 21207, len 61, bad cksum 0! differs by 1e27) 11:23:45.198672 195.130.131.4.53 > 192.168.2.131.2799: [udp sum ok] 22992 NXDomain q: A? CISCO42080.home. 0/1/0 ns: . [8m51s] SOA a.root-servers. net. nstld.verisign-grs.com. 2013110100 1800 900 604800 86400 (108) (ttl 57, id 14553, len 136) 11:23:45.198909 192.168.2.131.6294 > 195.130.131.4.53: [bad udp cksum 5f2c!] 31374+ A? CISCO42080. (28) (ttl 64, id 44294, len 56, bad cksum 0! d iffers by c3fc) 11:23:45.210716 195.130.131.4.53 > 192.168.2.131.6294: [udp sum ok] 31374 NXDomain q: A? CISCO42080. 0/1/0 ns: . [8m51s] SOA a.root-servers.net. nstld.verisign-grs.com. 2013110100 1800 900 604800 86400 (103) (ttl 57, id 14554, len 131) 11:23:45.254804 192.168.2.131.9185 > 195.130.131.4.53: [bad udp cksum fc5d!] 26306+ A? CISCO14042.home. (33) (ttl 64, id 45079, len 61, bad cksum 0! differs by c0e6) 11:23:45.266982 195.130.131.4.53 > 192.168.2.131.9185: [udp sum ok] 26306 NXDomain q: A? CISCO14042.home. 0/1/0 ns: . [8m51s] SOA a.root-servers. net. nstld.verisign-grs.com. 2013110100 1800 900 604800 86400 (108) (ttl 57, id 14555, len 136) 11:23:45.267205 192.168.2.131.8694 > 195.130.131.4.53: [bad udp cksum 900e!] 36863+ A? CISCO14042. (28) (ttl 64, id 43978, len 56, bad cksum 0! d iffers by c538) 11:23:45.278799 195.130.131.4.53 > 192.168.2.131.8694: [udp sum ok] 36863 NXDomain q: A? CISCO14042. 0/1/0 ns: . [8m51s] SOA a.root-servers.net. nstld.verisign-grs.com. 2013110100 1800 900 604800 86400 (103) (ttl 57, id 14556, len 131) 11:23:55.398183 192.168.2.131.43872 > 195.130.131.4.53: [bad udp cksum 4216!] 56010+ A? CINEMAROOM.home. (33) (ttl 64, id 45340, len 61, bad cksu m 0! differs by bfe1) 11:23:55.408918 195130.131.4.53 > 192.168.2.131.43872: [udp sum ok] 56010 NXDomain q: A? CINEMAROOM.home. 0/1/0 ns: . [7m58s] SOA a.root-servers .net. nstld.verisign-grs.com. 2013110100 1800 900 604800 86400 (108) (ttl 57, id 14557, len 136) 11:23:55.409046 192.168.2.131.19240 > 195.130.131.4.53: [bad udp cksum 7e32!] 63148+ A? CINEMAROOM. (28) (ttl 64, id 53749, len 56, bad cksum 0! differs by 9f0d) 11:23:55.420882 195.130.131.4.53 > 192.168.2.131.19240: [udp sum ok] 63148 NXDomain q: A? CINEMAROOM. 0/1/0 ns: . [7m58s] SOA a.root-servers.net. nstld.verisign-grs.com. 2013110100 1800 900 604800 86400 (103) (ttl 57, id 14558, len 131) SrcP=source port, DstP=destination port, P=protocol, Fl=Decimal TCP-control bits, pkts: number of packets, Octets: nr of bytes in this case Code:
$ flow-cat ft-v05.2013-11-01.112501+0100 | flow-print -f5 | sort | less Start End Sif SrcIPaddress SrcP DIf DstIPaddress DstP P Fl Pkts Octets 1101.11:23:41.157 1101.11:28:16.307 0 192.168.2.1 1900 0 239.255.255.250 1900 17 0 113 38828 1101.11:23:47.482 1101.11:23:47.482 0 192.168.2.131 37288 0 192.168.2.255 137 17 0 1 78 1101.11:23:47.483 1101.11:23:47.483 0 192.168.2.142 137 0 192.168.2.131 37288 17 0 1 90 1101.11:23:47.484 1101.11:23:58.106 0 192.168.2.131 18784 0 192.168.2.142 445 6 3 8 1262 1101.11:23:47.484 1101.11:23:58.106 0 192.168.2.142 445 0 192.168.2.131 18784 6 6 7 1289 1101.11:23:47.493 1101.11:23:47.493 0 192.168.2.131 38001 0 192.168.2.255 137 17 0 1 78 1101.11:23:47.494 1101.11:23:47.494 0 192.168.2.142 137 0 192.168.2.131 38001 17 0 1 90 1101.11:23:47.519 1101.11:23:47.519 0 192.168.2.116 137 0 192.168.2.131 38001 17 0 1 90 1101.11:23:47.757 1101.11:23:47.758 0 192.168.2.131 6757 0 192.168.2.142 137 17 0 1 78 1101.11:23:47.757 1101.11:23:47.758 0 192.168.2.142 137 0 192.168.2.131 6757 17 0 1 239 1101.11:23:47.758 1101.11:23:47.758 0 192.168.2.131 40805 0 192.168.2.255 137 17 0 1 78 1101.11:23:47.759 1101.11:23:47.759 0 192.168.2.142 137 0 192.168.2.131 40805 17 0 1 90 1101.11:23:47.760 1101.11:23:58.106 0 192.168.2.131 46073 0 192.168.2.142 445 6 3 9 1442 1101.11:23:47.760 1101.11:23:58.106 0 192.168.2.142 445 0 192.168.2.131 46073 6 6 8 1483 1101.11:23:47.770 1101.11:23:47.770 0 192.168.2.131 30748 0 192.168.2.255 137 17 0 1 78 1101.11:23:47.779 1101.11:23:47.779 0 192.168.2.116 137 0 192.168.2.131 30748 17 0 1 90 1101.11:23:47.780 1101.11:23:58.110 0 192.168.2.116 445 0 192.168.2.131 24377 6 3 7 804 1101.11:23:47.780 1101.11:23:58.110 0 192.168.2.131 24377 0 192.168.2.116 445 6 3 9 1030 1101.11:23:47.787 1101.11:23:47.789 0 192.168.2.116 139 0 192.168.2.131 12116 6 2 1 60 1101.11:23:47.787 1101.11:23:47.789 0 192.168.2.131 12116 0 192.168.2.116 139 6 6 2 110 1101.11:23:47.823 1101.11:23:47.833 0 192.168.2.131 3414 0 195.130.131.4 53 17 0 1 61 1101.11:23:47.823 1101.11:23:47.833 0 195.130.131.4 53 0 192.168.2.131 3414 17 0 1 136 1101.11:23:47.834 1101.11:23:47.845 0 192.168.2.131 38794 0 195.130.131.4 53 17 0 1 56 1101.11:23:47.834 1101.11:23:47.845 0 195.130.131.4 53 0 192.168.2.131 38794 17 0 1 131 1101.11:23:47.846 1101.11:23:47.846 0 192.168.2.100 137 0 192.168.2.131 32449 17 0 1 90 1101.11:23:47.846 1101.11:23:47.846 0 192.168.2.131 32449 0 192.168.2.255 137 17 0 1 78 1101.11:23:47.847 1101.11:23:58.106 0 192.168.2.100 445 0 192.168.2.131 23842 6 6 10 1571 1101.11:23:47.847 1101.11:23:58.106 0 192.168.2.131 23842 0 192.168.2.100 445 6 3 11 1728 1101.11:23:47.857 1101.11:23:47.869 0 192.168.2.131 2799 0 195.130.131.4 53 17 0 1 61 1101.11:23:47.857 1101.11:23:47.869 0 195.130.131.4 53 0 192.168.2.131 2799 17 0 1 136 1101.11:23:47.869 1101.11:23:47.881 0 192.168.2.131 6294 0 195.130.131.4 53 17 0 1 56 1101.11:23:47.869 1101.11:23:47.881 0 195.130.131.4 53 0 192.168.2.131 6294 17 0 1 131 1101.11:23:47.882 1101.11:23:47.882 0 192.168.2.131 6596 0 192.168.2.255 137 17 0 1 78 1101.11:23:47.883 1101.11:23:47.883 0 192.168.2.1 137 0 192.168.2.131 6596 17 0 1 90 1101.11:23:47.883 1101.11:23:58.109 0 192.168.2.1 445 0 192.168.2.131 8813 6 3 10 1281 1101.11:23:47.883 1101.11:23:58.109 0 192.168.2.131 8813 0 192.168.2.1 445 6 3 12 1543 1101.11:23:47.925 1101.11:23:47.937 0 192.168.2.131 9185 0 195.130.131.4 53 17 0 1 61 1101.11:23:47.925 1101.11:23:47.937 0 195.130.131.4 53 0 192.168.2.131 9185 17 0 1 136 1101.11:23:47.938 1101.11:23:47.949 0 192.168.2.131 8694 0 195.130.131.4 53 17 0 1 56 1101.11:23:47.938 1101.11:23:47.949 0 195.130.131.4 53 0 192.168.2.131 8694 17 0 1 131 1101.11:23:47.950 1101.11:23:47.950 0 192.168.2.131 7872 0 192.168.2.255 137 17 0 1 78 1101.11:23:47.960 1101.11:23:47.960 0 192.168.2.116 137 0 192.168.2.131 7872 17 0 1 90 1101.11:23:47.960 1101.11:23:58.110 0 192.168.2.116 445 0 192.168.2.131 13453 6 3 11 1382 1101.11:23:47.960 1101.11:23:58.110 0 192.168.2.131 13453 0 192.168.2.116 445 6 3 13 1595 1101.11:23:47.970 1101.11:23:47.971 0 192.168.2.116 139 0 192.168.2.131 28508 6 2 1 60 1101.11:23:47.970 1101.11:23:47.971 0 192.168.2.131 28508 0 192.168.2.116 139 6 6 2 110 1101.11:23:48.019 1101.11:23:48.019 0 192.168.2.131 5769 0 192.168.2.255 137 17 0 1 78 1101.11:23:48.019 1101.11:23:48.019 0 192.168.2.142 137 0 192.168.2.131 5769 17 0 1 90 1101.11:23:48.020 1101.11:23:58.106 0 192.168.2.131 48594 0 192.168.2.142 445 6 3 9 1442 1101.11:23:48.020 1101.11:23:58.106 0 192.168.2.142 445 0 192.168.2.131 48594 6 6 8 1509 Code:
Start End Sif SrcIPaddress SrcP DIf DstIPaddress DstP P Fl Pkts Octets 1101.12:34:28.015 1101.12:38:11.586 0 192.168.2.142 138 0 192.168.2.255 138 17 0 6 1301 1101.12:34:49.337 1101.12:34:49.745 0 192.168.2.142 51147 0 224.0.0.252 5355 17 0 2 100 1101.12:34:49.337 1101.12:34:49.745 0 192.168.2.142 64539 0 224.0.0.252 5355 17 0 2 100 1101.12:34:49.337 1101.12:37:14.378 0 192.168.2.142 137 0 192.168.2.255 137 17 0 23 1794 1101.12:35:41.718 1101.12:35:52.483 0 192.168.2.131 445 0 192.168.2.142 63560 6 2 10 1539 1101.12:35:41.718 1101.12:35:52.483 0 192.168.2.142 63560 0 192.168.2.131 445 6 6 13 3021 1101.12:35:59.734 1101.12:36:21.188 0 192.168.2.131 445 0 192.168.2.142 63562 6 2 44 7132 1101.12:35:59.734 1101.12:36:21.188 0 192.168.2.142 63562 0 192.168.2.131 445 6 6 67 15001 1101.12:36:26.688 1101.12:36:42.814 0 192.168.2.131 445 0 192.168.2.142 63564 6 2 20 3184 1101.12:36:26.688 1101.12:36:42.814 0 192.168.2.142 63564 0 192.168.2.131 445 6 6 24 6357 1101.12:36:43.893 1101.12:36:54.596 0 192.168.2.131 445 0 192.168.2.142 63565 6 2 8 1210 1101.12:36:43.893 1101.12:36:54.596 0 192.168.2.142 63565 0 192.168.2.131 445 6 6 11 2363 1101.12:37:13.457 1101.12:37:40.286 0 192.168.2.131 445 0 192.168.2.142 63587 6 2 62 10093 1101.12:37:13.457 1101.12:37:40.286 0 192.168.2.142 63587 0 192.168.2.131 445 6 6 74 20543 Last edited by virtuvoos; 1st November 2013 at 11:50 AM. |
|
|||
Forgot to posts the contents of /etc/hosts:
Code:
$ cat /etc/hosts # $OpenBSD: hosts,v 1.12 2009/03/10 00:42:13 deraadt Exp $ # # Host Database # # RFC 1918 specifies that these networks are "internal". # 10.0.0.0 10.255.255.255 # 172.16.0.0 172.31.255.255 # 192.168.0.0 192.168.255.255 # 127.0.0.1 localhost ::1 localhost $ |
|
|||
Yes makes sense. I'm a bit reluctant to do that though. I'm struggling to get basic stuff to work (*BSD newbie). Throwing in yet another unexplored system (DNS-server) will only complicate things for me at the moment.
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
SSH failure when connecting to another machine via X | daemonfowl | OpenBSD Security | 4 | 27th July 2012 03:50 AM |
Problems with sound when connecting to TV | sepuku | OpenBSD General | 9 | 9th August 2011 07:30 PM |
pkg_add problems with connecting | Mr-Biscuit | NetBSD Package System (pkgsrc) | 2 | 26th May 2009 11:44 AM |
Connecting to router wirelessly | guitarscn | OpenBSD General | 16 | 21st January 2009 03:47 AM |
Connecting to wireless router | TomAmundsen | FreeBSD General | 19 | 25th August 2008 10:14 PM |