Jailed Samba not getting broadcasts
Nejc Škoberne
nejc at skoberne.net
Thu Apr 24 08:42:49 UTC 2008
Hello Dewayne,
> I have encountered a similar problem, when I configured a SAMBA PDC over
> the wan (through IPSEC of course). You might like to consider using
> these in your smb.conf:
> hosts allow = 10.1. 10.2.
> remote announce = 10.1.1.255 10.2.1.255
> remote browse sync = 10.1.1.255 10.2.1.255
I have tried that, but no luck. Still can't resolve the NetBIOS name using
solely NetBIOS broadcasts.
> If that doesn't solve the need, then perhaps you should modify
> /etc/devfs.rules in your base system, to behave a little more
> promiscuously, and include something like:
> [devfsrules_samba_jail=6]
> add include $devfsrules_hide_all
> add include $devfsrules_unhide_basic
> add include $devfsrules_unhide_login
> add path bpf0 unhide
I also tried that. Of course I also configured "devfsrules_samba_jail" policy for
my jail. So now I can also tcpdump in my jail. But still, those broadcasts seem to
be ignored by samba (although I can see them with tcpdump). This works for you?
> Note the latter opens a potential security hole if someone breaches
> samba jail, providing a means to tcpdump (...) your network
This is not a great concern for me since this will be running locally.
Thanks a lot for your help,
Nejc
More information about the freebsd-net
mailing list