[Xastir] Samba Peculiarity
Tom Russo
russo at bogodyn.org
Tue Feb 10 23:54:30 EST 2009
On Tue, Feb 10, 2009 at 09:46:12PM -0700, we recorded a bogon-computron collision of the <russo at bogodyn.org> flavor, containing:
>
> This is a well-known issue with kernel AX.25 networking and samba. Yes, by
> default Samba binds to all network interfaces and sends out "I'm here" packets
> to them.
>
> There is indeed a way to shut it off.
>
> In your smb.conf file you need to have an "interfaces" line that lists the
> network interfaces you want samba to use. Then you have a
> "bind interfaces only" line that tells samba to use *only* the interfaces
> listed in that line.
>
> If you use "swat" to manage your samba configuration, there's certainly a way
> to do it there, too.
>
> On the "Globals" page of the SWAT configuration tool, look under "Base Options"
> and add your valid network interfaces to the "interfaces" box. Then set
> "bind interfaces only" to "Yes" and commit changes, and restart your daemons.
> It should no longer touch your ax.25 interfaces.
And if, as you say, you're not even *using* samba, you're better off shutting
off the daemon anyway. But if you *do* want to use it, you should probably
read the smb.conf man page and learn how to make it listen not only to
certain interfaces, but to certain valid IP addresses. You don't want your
samba to be sending out past your router, nor listening to anybody that's
not on your LAN.
Samba's a pain to secure, but once you get it right it is good for what it
does (sharing disks and printers to Windows clients --- you don't even need
to run the daemons to share disks and printers from Windows servers).
--
Tom Russo KM5VY SAR502 DM64ux http://www.swcp.com/~russo/
Tijeras, NM QRPL#1592 K2#398 SOC#236 http://kevan.org/brain.cgi?DDTNM
In some cultures what I do would be considered normal.
-- Ineffective daily affirmation
More information about the Xastir
mailing list