> No Samba or hostname across network
tawalker
post Dec 22 2003, 02:02 AM
Post #1





Group: Members
Posts: 82
Joined: 10-December 03
Member No.: 1,130



So, this part of the forum has got a bit "cobwebby", it seems - hope that doesn't mean no-one will notice this post :P

Brief backgrounder: I have a home LAN, centred on an SMC Barricade gateway router. This acts as a hub/switch (connecting the hosts to each other), a DHCP server (handing out IP addresses), an Internet gateway (sharing my cable modem) and a print server. Our desktop PC is connected directly to the router, as is a wireless access point; our laptop and my Zaurus use the wireless link to access the network.

I have set our Windows PCs to use IPX/SPX as the transport for the MS networking, as IPX is non-routable and therefore (so I understand) safer than TCP/IP. Unfortunately, I think this may be responsible for the two network-related issues I have with my Z. One is minor, the other more annoying:

(1) For some reason, my Z's hostname doesn't show on the router's DHCP clients list. That is, the server gave the Z an IP address, and I can use the LAN and Internet, but the hostname column is blank. I definitely have a hostname set on the Z - any idea why it might not be "broadcast"?

(2) I followed the instructions here to set up Samba on the Z, mainly for browsing the Z's drives from our PCs via wireless. Unfortunately, it flat-out doesn't work - I suspect it's because I'm using IPX as the transport for the Windows PC's networking. Do I really have to go back to using TCP/IP for Windows file-sharing (with the security issues that entails), if I want to use Samba with the Z?

Thanks a bunch for any suggestions!

Tim
tumnus
post Dec 22 2003, 03:05 AM
Post #2





Group: Members
Posts: 1,176
Joined: 3-October 03
From: UK
Member No.: 547



Doesn't your cable modem have a built-in firewall? That's the easiest way to secure your network. Also subnets like 192.168.x.x are non-routable so they are safe for private LANs too.

I very much doubt IPX support has been compiled into the Zaurus kernel, so that could well be the root of your problems.

I didn't think hostnames got 'broadcast', although I'm no DHCP expert. If you're thinking about browsing Windows PCs via the Network Neighbourhood, that is done via a different method anyway, using the SMB/CIM protocol. On the same subnet, PCs that use the SMB protocol (as is implemented in Samba) will broadcast to each other to find their names. For PCs on different subnets, you must set up a WINS server, which is a rough equivalent to a MS DNS server.
tawalker
post Dec 23 2003, 02:26 AM
Post #3





Group: Members
Posts: 82
Joined: 10-December 03
Member No.: 1,130



(Another lengthy post - apologies in advance...)

QUOTE
Doesn't your cable modem have a built-in firewall? That's the easiest way to secure your network.


Funnily enough, I mentioned my router's firewall in the first 'draft' of my post, but deleted that part as I thought the post was getting too long-winded! :)

I also said in that first draft that I normally keep all the hosts behind the firewall, and that keeps us secure. However, we quite often use NetMeeting to call my wife's family, and the PC used for NetMeeting has to be placed outside the firewall (DMZ) for the duration of the call. If I used TCP/IP for MS file-sharing, wouldn't that mean that anyone could browse our LAN while we're having our NetMeeting session?

(I should mention that I got the idea for using IPX/SPX as the transport for MS networking, from both Practically Networked and Gibson Research Corp. (the ShieldsUp! place). They actually recommend using NetBIOS as it's non-routable, but I couldn't use that for some reason, so they said IPX would work just as well.)

QUOTE
I didn't think hostnames got 'broadcast', although I'm no DHCP expert. If you're thinking about browsing Windows PCs via the Network Neighbourhood, that is done via a different method anyway, using the SMB/CIM protocol.


Because of the transport problem above, I haven't seen whether the hostname shows up in Network Neighborhood, so I wasn't thinking of SMB yet :)

The problem is with the router not listing the Z's hostname in its DHCP client list (even though there is an IP address allocated to the Z, and the TCP/IP networking works fine). I wouldn't think the router would use SMB, so presumably it would pick up the Z's hostname another way. However, I'm not a great networking expert - usually, I just plug everything into the Barricade, and it works!

I can live with this issue, as the Z can access the Internet with no apparent problems, but I'm just curious as to why the hostname doesn't show.

Sorry for another lengthy post - you can imagine what I'm like in conversation :wink:

Tim
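
Added example (editorial, not part of any post in this thread): DHCP servers commonly fill the hostname column of their client list from the Host Name option (code 12, RFC 2132) that the client sends in its DHCPDISCOVER/DHCPREQUEST, so a client that omits the option still gets a lease but is listed without a name. The parser below checks a raw DHCP message for that option; the two packets are constructed for the demonstration, and the MAC address and the name "zaurus" are placeholders.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # RFC 2131: marks the start of the options field
BOOTP_HEADER_LEN = 236               # fixed BOOTP header that precedes the cookie
OPT_PAD, OPT_HOSTNAME, OPT_MSG_TYPE, OPT_END = 0, 12, 53, 255

def dhcp_options(packet: bytes) -> dict:
    """Return {option_code: value_bytes} from a raw DHCP message (UDP payload)."""
    if packet[BOOTP_HEADER_LEN:BOOTP_HEADER_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message: magic cookie missing")
    opts, i = {}, BOOTP_HEADER_LEN + 4
    while i < len(packet):
        code = packet[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:          # pad is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[code] = value
        i += 2 + length
    return opts

def client_hostname(packet: bytes):
    """Hostname the client announced in option 12, or None if it sent none."""
    raw = dhcp_options(packet).get(OPT_HOSTNAME)
    return raw.decode("ascii", "replace") if raw else None

def build_discover(mac: bytes, hostname=None) -> bytes:
    """Constructed DHCPDISCOVER for the demo (not a capture from the thread)."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                         1, 1, 6, 0, 0x1234ABCD, 0, 0x8000,
                         b"\0" * 4, b"\0" * 4, b"\0" * 4, b"\0" * 4,
                         mac, b"", b"")
    options = bytes([OPT_MSG_TYPE, 1, 1])          # message type 1 = DISCOVER
    if hostname:
        options += bytes([OPT_HOSTNAME, len(hostname)]) + hostname.encode("ascii")
    return header + MAGIC_COOKIE + options + bytes([OPT_END])

WITH_NAME = build_discover(b"\x00\x11\x22\x33\x44\x55", "zaurus")
WITHOUT_NAME = build_discover(b"\x00\x11\x22\x33\x44\x55")
```

Run against a capture of the client's own DHCP traffic, `client_hostname` returning None means the name was never sent, which points at the DHCP client configuration rather than at the router.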
post Dec 23 2003, 04:14 AM
Post #4








Long posts help. My home network is very similar.

For my TCP/IP network, the IP address is broadcast, but not the host name. I put the hostname in Windows hosts and it then appears in the network utility. This file contains the mappings of IP addresses to host names.

C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts

127.0.0.1 localhost
192.168.xxx.xxx gateway # Wireless Access Point
192.168.xxx.xxx desktop # PC
192.168.xxx.xxx notebook # PC
192.168.xxx.xxx zaurusw # Sharp PDA wireless CF card Linksys WCF12
192.168.129.201 zaurus # Sharp PDA USB network

I used GRC ShieldsUP! to test network security. All ports were stealth except for ident. So I use Persistent Port Forwarding for inbound port 113 to a private IP address and private port that was outside the range of the Dynamic Host Configuration Protocol (DHCP). But now I disable DHCP and use static IP addresses, which is more secure. IP addresses are assigned only to recognized MACs. I still forward port 113.

Samba on the zaurus starts up when interface usbd0 starts (on and in the cradle), and stops when usbd0 stops (off or out of the cradle). smbd and nmbd samba servers are started in /home/etc/rc.d/init.d/samba where samba start is a call from /home/etc/hotplug/net.agent, where usbd0 is detected.

I do use DHCP for the USB network, dhcpd starts in /home/etc/hotplug/usbd.func

When you establish a virtual DMZ, you essentially open all inbound ports and direct the base station to forward certain inbound data packets (those that are not in response to a transmission initiated by a local networked computer and not handled through application-triggered or persistent port forwarding) to a particular computer on your local network. This computer becomes the virtual DMZ host.

A virtual DMZ should be used only in very specific and finite situations. The computer that hosts the virtual DMZ is fully exposed to the Internet, and is thus susceptible to malicious attacks and unauthorized access. If a hacker were to upload a virus to the virtual DMZ, the virus could spread to all the computers on your network.

A safer method is to use Application-Triggered Port Forwarding. Some programs, such as Internet gaming, video conferencing, and Internet telephony, require connections to multiple ports. This type of port forwarding lets you specify these connections so that such programs can work properly.

These applications cannot work when NAT is enabled through the routing network mode. If you need to run applications that require multiple connections, specify the outbound (trigger) port normally associated with an application, select the protocol type (TCP or UDP), then type the inbound (public) ports associated with the outbound port to open them for inbound traffic.

When I use netmeeting, that program automatically puts ports in the Persistent Port Forwarding list. It must be a Microsoft backdoor to my gateway. I disable these Persistent Port Forwarding ports and re-enable them when I use netmeeting. I don't use the Application-Triggered Port Forwarding list, since I manually disable the Persistent Port Forwarding, which effectively does the same.

InboundPort  Protocol  PrivateIPaddress  PrivatePort
1774         UDP       192.168.xxx.xxx   11441
22015        TCP       192.168.xxx.xxx   15842
post Dec 23 2003, 05:18 AM
Post #5








There are more ports opened by netmeeting than shown above. Netmeeting works for me without using a DMZ.

Here are ports I just looked at today used by netmeeting. It may depend on your system. I want to do some reading about this.

Process     PID   LocalIP          LocalPort  RemoteIP         RemotePort  Protocol  Path
Unknown     0     192.168.xxx.xxx  63244      192.168.xxx.xxx  80          TCP
Unknown     0     192.168.xxx.xxx  58167      192.168.xxx.xxx  80          TCP
Unknown     0     192.168.xxx.xxx  55808      192.168.xxx.xxx  80          TCP
Unknown     0     192.168.xxx.xxx  43425      192.168.xxx.xxx  80          TCP
Unknown     0     192.168.xxx.xxx  40756      192.168.xxx.xxx  80          TCP
Unknown     0     192.168.xxx.xxx  10701      192.168.xxx.xxx  80          TCP
Unknown     0     192.168.xxx.xxx  5067       192.168.xxx.xxx  80          TCP
CONF.EXE    2904  127.0.0.1        4103                                    UDP       C:\Program Files\NetMeeting\CONF.EXE
CONF.EXE    2904  0.0.0.0          4100                                    UDP       C:\Program Files\NetMeeting\CONF.EXE
CONF.EXE    2904  192.168.xxx.xxx  4106       131.107.97.6     80          TCP       C:\Program Files\NetMeeting\CONF.EXE
CONF.EXE    2904  192.168.xxx.xxx  4105       131.107.97.6     80          TCP       C:\Program Files\NetMeeting\CONF.EXE
CONF.EXE    2904  192.168.xxx.xxx  4104       207.46.134.157   80          TCP       C:\Program Files\NetMeeting\CONF.EXE
CONF.EXE    2904  0.0.0.0          1720                                    TCP       C:\Program Files\NetMeeting\CONF.EXE
CONF.EXE    2904  0.0.0.0          1503                                    TCP       C:\Program Files\NetMeeting\CONF.EXE
msmsgs.exe  3388  192.168.xxx.xxx  46348                                   UDP       C:\Program Files\Messenger\msmsgs.exe
msmsgs.exe  3388  192.168.xxx.xxx  13272                                   UDP       C:\Program Files\Messenger\msmsgs.exe
msmsgs.exe  3388  0.0.0.0          4107                                    UDP       C:\Program Files\Messenger\msmsgs.exe
msmsgs.exe  3388  192.168.xxx.xxx  8397                                    TCP       C:\Program Files\Messenger\msmsgs.exe

where
131.107.97.6 is directory.netmeeting.microsoft.com
207.46.134.157 is origin2.microsoft.com
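
Added example (editorial, not part of any post in this thread): the difference between a virtual DMZ and port forwarding described in the posts above, modelled over a listener table for the NetMeeting PC. The CONF.EXE rows follow the listing above; the file-sharing listeners, the function names and the mode names are assumptions made for the illustration.

```python
from typing import NamedTuple

class Listener(NamedTuple):
    process: str
    bind_ip: str
    port: int
    proto: str

# Constructed table: CONF.EXE rows as in the listing above; the "System" rows
# are an assumption standing in for MS file sharing bound to TCP/IP.
LISTENERS = [
    Listener("CONF.EXE", "0.0.0.0", 1720, "TCP"),    # H.323 call setup
    Listener("CONF.EXE", "0.0.0.0", 1503, "TCP"),    # T.120 data
    Listener("CONF.EXE", "127.0.0.1", 4103, "UDP"),  # loopback only
    Listener("System", "0.0.0.0", 139, "TCP"),       # NetBIOS session service
    Listener("System", "0.0.0.0", 137, "UDP"),       # NetBIOS name service
]

# Listening ports the call needs, taken from the listing (fixed ports only).
NEEDED = {("TCP", 1503), ("TCP", 1720)}

def reachable_from_wan(listeners, mode, forwards=()):
    """Return the set of (proto, port) an Internet host can reach on this PC.

    mode "dmz":     router hands every unsolicited inbound packet to the PC.
    mode "forward": router forwards only the (proto, port) pairs in `forwards`.
    mode "nat":     no inbound mapping, so nothing unsolicited reaches the PC.
    """
    exposed = set()
    for entry in listeners:
        if entry.bind_ip.startswith("127."):
            continue                       # loopback is never reachable remotely
        key = (entry.proto, entry.port)
        if mode == "dmz" or (mode == "forward" and key in forwards):
            exposed.add(key)
    return exposed

def unintended(exposed, needed):
    """Ports open to the Internet that the application does not require."""
    return sorted(set(exposed) - set(needed))

DMZ_EXTRA = unintended(reachable_from_wan(LISTENERS, "dmz"), NEEDED)
FWD_EXTRA = unintended(reachable_from_wan(LISTENERS, "forward", NEEDED), NEEDED)
```

With the host in the DMZ the file-sharing ports are exposed along with the two call ports; with explicit forwards only the call ports are.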
tawalker
post Dec 23 2003, 06:10 AM
Post #6





Group: Members
Posts: 82
Joined: 10-December 03
Member No.: 1,130



QUOTE
Long posts help.


Phew :)

QUOTE
There are more ports opened by netmeeting than shown above. Netmeeting works for me without using a DMZ.


The wisdom I've received is that NetMeeting tries to open so many ports (and not always the same ones), that the "path of least resistance" is to place the PC in the DMZ for the duration of the call. I'm well aware of the security implications of doing this (that's why I've been using MS networking over IPX, as it's non-routable), so I only use the DMZ when I can see no other option (basically, for NetMeeting). Having said that, Persistent Port Forwarding sounds promising, as long as my router (SMC Barricade 7004BR) can handle it.

I learned the "forward IDENT to empty address" trick from grc.com too :) I use MAC filtering, but only on the wireless network, as that's the most likely point of unwanted entry to my LAN.

To bring this back to the Zaurus: :D I only allow two clients - our laptop and my Z - to access the wireless AP. This is the only network connection which my Z uses, as I don't use the USB cradle, except as a bedside stand and recharging station for the Z.

Anyway, it looks increasingly like I'll be going back to TCP/IP for MS networking, and being a bit more careful when using the DMZ...

Tim
post Dec 23 2003, 01:58 PM
Post #7








Here is a web site with much netmeeting information.

http://www.meetingbywire.com/

I also just read MS is phasing out netmeeting, to be replaced by livemeeting.
post Dec 23 2003, 03:54 PM
Post #8








I got those netmeeting ports wrong. The established ports are 1503 and 1720. As you wrote, likely different port numbers for you.

The Zonealarm website has information about using netmeeting. I don't know what that means since I never used Zonealarm.
QUOTE
3. Netmeeting and Other Webcam-type Programs.
For problems using Netmeeting with ZoneAlarm or ZoneAlarm Pro, you should temporarily turn off "Remote Desktop Sharing" via the Netmeeting system tray icon.

You can also add the Netmeeting domain or IP address you use with Netmeeting to the Local zone.
tawalker
post Jan 29 2004, 07:36 AM
Post #9





Group: Members
Posts: 82
Joined: 10-December 03
Member No.: 1,130



Time to resurrect this thread :) (I should mention that the WLAN connection was not active when I tried the steps below, if that helps.)

Basically, I tried checking through the "Samba over non-USB" HOWTO again, and I am fairly sure I followed it to the letter. All seemed well up to the point where I issue the command

CODE
/etc/rc.d/init.d/samba.bak stop


Then all goes pear-shaped. I see these error messages (with part of the output deleted here: "..."):

CODE
Stopping smbd and nmbd...

/var/lock/samba/smbd.pid: No such file or directory

...

/var/lock/samba/nmbd.pid: No such file or directory


Aside from the obvious conclusion (i.e. these two files don't exist ;) ), can anyone suggest what this might mean, and how I can fix it and get Samba running?

Thanks again,
Tim
lardman
post Jan 29 2004, 05:40 PM
Post #10





Group: Members
Posts: 4,515
Joined: 25-October 03
From: Bath, UK
Member No.: 464



QUOTE
Aside from the obvious conclusion (i.e. these two files don't exist ;) ), can anyone suggest what this might mean, and how I can fix it and get Samba running?


I don't know about getting it running (except perhaps looking in your /etc/rc.d/init.d/samba.bak script), but this indicates to me that neither smbd nor nmbd were running, so you ought to try and find out why. On the other hand I may be wrong, can you access any of your samba shares on the Zaurus from one of your other machines?


Si