smb browsing broken by firewall
Charles R. Anderson
cra at WPI.EDU
Mon Jan 19 14:07:28 UTC 2004
On Sun, Jan 18, 2004 at 10:09:40PM -0800, shane at geeklords.org wrote:
> Correct me if I am wrong, but if I remember my SMB protocol correctly
> doesn't it support 3 modes. Broadcast, multicast and point to point
> (unicast)? If I remember correctly I also believe modern win98+ defaults
> to unicast when talking to a winserver, master browser or active
> directory when browsing. If true, the broadcast/multicast firewall issue
> doesn't seem like that big of a deal to me or am I missing something?
There are four modes, actually, which are called B-node (Broadcast
always), P-node (Point-to-Point, use unicast to WINS always), M-mode
(Mixed, broadcast first, then use WINS), and H-node (Hybrid, use WINS
first, then broadcast).
The mode of a client can be specified by the DHCP server, along with
WINS server addresses, However, currently, FC can't do anything with
those DHCP options. I would like to work to get these supported in
dhclient-script.
Unfortunately, even specifying the correct options manually in
smb.conf does not seem to affect SMB clients, such as Nautilus,
although I have not investigated this thoroughly yet. Nautilus always
attempted broadcast to find the master browser, which won't work with
the default firewall configuration (unless the netfilter code is
enhanced, perhaps trivially).
Besides that, there are legitimate uses of B-nodes. Home networks
will almost never have a WINS server, so they must broadcast.
More information about the fedora-devel-list
mailing list