|
FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
NetBIOS name resolution from FreeBSD?
So, I'm banging my head against this and the answer may be simple, but I'm not stumbling into it.
I have a FreeBSD 6.3 box that does some monitoring, arpwatch, ntop, etc. at work. I'd like this box to be able to resolve NetBIOS names - we have a number of thin clients and other devices that do not register with DNS. From a Windows machine with NetBIOS over TCP/IP enable I'm able to ping these things by name. I want to be able to do the same with the FreeBSD box. I assume I need nmbd for this. So I installed samba. I'm running nmbd by itself right now, as I don't need any file shares or anything. I let it run overnight, in fact. And still, I can't ping any nodes by NetBIOS name. Here's what I believe is the relevant section of smb.conf: Code:
# Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server wins support = no # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = no # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The default is NO. dns proxy = no I CAN, however, ping the FreeBSD box by name from Windows clients! But... that's not what I need, unfortunately. So, what am I missing? Am I incorrect in my understanding of Windows networking? Does nmbd not provide the functionality I'm looking for? Am I likely just missing a simple configuration piece? (By the way, if this should have gone into ports and packages, please move, and I apologize.) |
|
|||
For many years, even before Windows networking exisited, resolving symbolic names to their numerical IP address is done according to settings in the "/etc/resolv.conf" file.
This file only handles settings for the Domain Namy System (DNS) and is used in the C resolver library. Programs like ping are use this library whenever they have to resolve a symbolic name into an IP address. NETBIOS name lookups are not handled by that library at all. A younger addition to name resolutions is the "/etc/nsswitch.conf" file. The name stands for NameServerSwitch.conf. It allows more ways to resolve names, e.g. NIS. Unfortunately for you NETBIOS is not one of them You can do NETBIOS lookups from the command line: Code:
$ nmblookup hercules querying hercules on 192.168.222.255 192.168.222.20 hercules<00>
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Thanks for the education! It's rather depressing though - I was hoping to get arpwatch to be able to resolve NetBIOS names. When devices are plugged into the network I get an email with the IP and MAC of course, and then if I'm suspicious I can track down the physical port they are plugged into. If the name is in DNS it's part of the email, but if not there's no name listed. Sometimes a name would help me realize more quickly what the device might be!
Yeah, yeah, I know, I can just do a nmblookup myself when I get an email from arpwatch - but what fun is that? Maybe I can script it somehow... |
|
|||
Can you paste a sample of an email sent out by arpwatch? That way we can give a helping hand to script it
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
This is what one of the emails from arpwatch looks like. In this example the device plugged in was an HP thin client. Those do broadcast a NetBIOS name, but do not register in DNS:
Code:
hostname: <unknown> ip address: 192.168.3.8 ethernet address: 0:f:20:d9:5b:23 ethernet vendor: Hewlett Packard timestamp: Monday, March 2, 2009 15:42:03 -0500 (And yes, you are probably noticing that weird MAC address - I think arpwatch has problems with 0 as the first character in each set. Not a big deal.) phoenix - Yeah, you are right. And I could do MAC filtering on my Cisco switches too. But I don't think they want me to be that exclusive... yet. So for the time being I can content myself with knowing whenever a new device plugs into the network! |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Resolution problem.. | PCBSD3000 | FreeBSD General | 5 | 13th April 2009 07:56 PM |
Change consolle resolution | unixbsd | OpenBSD General | 7 | 16th March 2009 01:08 PM |
resolution too high!!! =| ? what? | seadog109 | Other BSD and UNIX/UNIX-like | 19 | 18th October 2008 04:25 AM |
FVWM/X11 Resolution Issue? | m4rc | OpenBSD General | 8 | 3rd July 2008 02:45 PM |
Changing resolution | Cloud | General software and network | 3 | 27th June 2008 06:03 PM |