Databases
StackOverflow2013
Postsdbo
POCentOS 6.3 Samba share over internet not working
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POCentOS 6.3 Samba share over internet not working
    primarykey
    data
    text
    <p><strong>Summary:</strong></p> <p>This is a 2 part question. A simple Samba share on one ISP with router doesn't work while another ISP with a different router setup the same and a similar server with same Samba configuration works.</p> <p>It seems to be either the router not forwarding the ports, although it successfully forwards SSH and others, or the ISP somehow blocking the standard Samba ports. It still bugs me that I can't figure out why it doesnt work and I'll still try to narrow down the cause.</p> <p>The second question is I'm looking for a business use, simple, easy to use (for end users), secure share for a small number of people and files, hosted internally and accessible externally on the internet, between Windows 7, XP, Mac, and linux servers with simple clients for end users.</p> <p>A new friend outside of stackoverflow helped with sshfs as a solution. On CentOS ssh already supports sshfs. The Windows client <a href="http://code.google.com/p/win-sshfs/" rel="nofollow noreferrer">win-sshfs</a> is working well and I'll be trying OSXFUSE with MACFusion described at <a href="https://systems.cs.uoregon.edu/wiki/index.php?n=Help.AppsSSHMacSSHFS" rel="nofollow noreferrer">UO</a>.</p> <p>Additionally, setup linux users for each person. To allow write by everyone in the linux group, change the umask in /etc/ssh/sshd_config described in this question at <a href="https://serverfault.com/questions/70876/how-to-put-desired-umask-with-sftp">serverfault</a>. People get to their home directory first, where I placed links to a shared folder with sticky bit set so they can't delete the folder. They can delete the links but that's easy enough to put back. The only issues I can see are lack of file locking and lack of auto-refresh.</p> <hr> <p><strong>Original Question:</strong></p> <p>I can't seem to get Samba working on a Centos 6.3 server over the internet. I have a similar test server on another internet connection working fine with the exact same setup. I've gone through <a href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/diagnosis.html" rel="nofollow noreferrer">http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/diagnosis.html</a> twice, made sure the ports are forwarded through to the internet (although not sure how to test they are really open), double checked samba configuration, its only sharing /tmp simply now. The user account is setup, it can ssh in and get to /tmp and the samba password is set the same. I can't ping the server but that is because the router or IP is set not pingable by the owner/work. SSH and HTTPS apache work well on the server with ports forwarded the same way. I haven't been able to test the share within the local network yet since I am not there, but I assume that it should work internally. When trying to connect from Windows 7 it just times out, no prompt and it has never connected, whereas my test server on my own internet connection is always working internally and externally.</p> <p>Any help would be greatly appreciated.</p> <p>The requirement is a easy to use internally hosted shared folder alternative to using "dropbox" for use between Windows 7, XP, mac, and linux servers that works over external internet connection. It won't see heavy usage but should be quick, easy to access/setup on the client side, and secure for business. If there are any alternatives to install on CentOS that would be great as well.</p> <p>Thank you! Andrew</p> <p>Edit, details:</p> <p>Ports are forwarded:</p> <p>(I had an image but as new user I cant post) 137, 138, 139, 445 are forwarded all with both TCP and UDP for testing now.</p> <p>smb.conf is setup simply and exactly the same as the working test server:</p> <pre><code># cat /etc/samba/smb.conf [global] workgroup=WORKGROUP log level = 3 log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam [tmp] comment = temporary files path = /tmp read only = yes </code></pre> <p>Samba restarted for good measure:</p> <pre><code># service smb restart Shutting down SMB services: [ OK ] Starting SMB services: [ OK ] </code></pre> <p>Windows 7 times out when trying to access the share as \ which works fine with the test server:</p> <p>(I had a screenshot but new users cant post)</p> <p>A search for the error 0x80004005 results in <a href="http://answers.microsoft.com/en-us/windows/forum/windows_vista-networking/cannot-access-network-share-get-unspecified-error/9f840844-9d5b-e011-8dfc-68b599b31bf5" rel="nofollow noreferrer">http://answers.microsoft.com/en-us/windows/forum/windows_vista-networking/cannot-access-network-share-get-unspecified-error/9f840844-9d5b-e011-8dfc-68b599b31bf5</a></p> <p>I've checked the workgroup, share settings, and restarted windows. Since the test share works I would think the Windows machine is working. I'll continue with the details.</p> <p>Edit again:</p> <p>Following the troubleshooting guide again:</p> <p>Simplify the smb.conf to just:</p> <pre><code># cat /etc/samba/smb.conf [tmp] comment = temporary files path = /tmp read only = yes </code></pre> <p>/etc/resolv.conf is using the ISPs servers and they work. They are different than the working server's DNS but that one is on a different ISP:</p> <pre><code># nslookup google.com Server: 71.242.0.12 Address: 71.242.0.12#53 Non-authoritative answer: Name: google.com Address: 74.125.228.2 </code></pre> <p>I'm doing everything with IP addresses so I don't know that DNS would come into play.</p> <p>I added dns proxy = no to smb.conf for fun but that didn't help.</p> <p>/var/log/samba/log.smbd doesn't report anything different from the working server:</p> <pre><code>[2012/09/20 16:59:41, 0] smbd/server.c:1141(main) smbd version 3.5.10-125.el6 started. Copyright Andrew Tridgell and the Samba Team 1992-2010 [2012/09/20 16:59:41.484699, 0] param/loadparm.c:7648(lp_do_parameter) Global parameter dns proxy found in service section! [2012/09/20 16:59:41.486645, 0] printing/print_cups.c:109(cups_connect) Unable to connect to CUPS server localhost:631 - Connection refused [2012/09/20 16:59:41.486809, 0] printing/print_cups.c:468(cups_async_callback) failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL [2012/09/20 16:59:41.507198, 0] smbd/server.c:501(smbd_open_one_socket) smbd_open_once_socket: open_socket_in: Address already in use [2012/09/20 16:59:41.507407, 0] smbd/server.c:501(smbd_open_one_socket) smbd_open_once_socket: open_socket_in: Address already in use [2012/09/20 17:00:39, 0] smbd/server.c:1141(main) smbd version 3.5.10-125.el6 started. Copyright Andrew Tridgell and the Samba Team 1992-2010 [2012/09/20 17:00:39.513793, 0] printing/print_cups.c:109(cups_connect) Unable to connect to CUPS server localhost:631 - Connection refused [2012/09/20 17:00:39.513955, 0] printing/print_cups.c:468(cups_async_callback) failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL [2012/09/20 17:00:39.535458, 0] smbd/server.c:501(smbd_open_one_socket) smbd_open_once_socket: open_socket_in: Address already in use [2012/09/20 17:00:39.535689, 0] smbd/server.c:501(smbd_open_one_socket) smbd_open_once_socket: open_socket_in: Address already in use </code></pre> <p>However the working server creates a log file in the directory named log. which the non working server does not.</p> <p>testparm:</p> <pre><code># testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section "[tmp]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] [tmp] comment = temporary files path = /tmp </code></pre> <p>continuing...</p> <p>Continued:</p> <p>nmb is running as well:</p> <pre><code># service nmb restart Shutting down NMB services: [ OK ] Starting NMB services: [ OK ] </code></pre> <p>"Respond to Ping on Internet Port" is normally turned off on the routers. I turned it on, on both the Windows client and the server. Each can ping the other, sharing still doesn't work.</p> <pre><code>Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Users\xxxx&gt;ping xxxx Pinging xxxx with 32 bytes of data: Reply from xxxx: bytes=32 time=25ms TTL=51 Reply from xxxx: bytes=32 time=23ms TTL=51 Reply from xxxx: bytes=32 time=26ms TTL=51 Reply from xxxx: bytes=32 time=24ms TTL=51 Ping statistics for xxxx: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 23ms, Maximum = 26ms, Average = 24ms # ping xxxx -c 5 PING xxxx (xxxx) 56(84) bytes of data. 64 bytes from xxxx: icmp_seq=1 ttl=251 time=20.7 ms 64 bytes from xxxx: icmp_seq=2 ttl=251 time=24.6 ms 64 bytes from xxxx: icmp_seq=3 ttl=251 time=21.4 ms 64 bytes from xxxx: icmp_seq=4 ttl=251 time=25.3 ms 64 bytes from xxxx: icmp_seq=5 ttl=251 time=22.9 ms --- xxxx ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4029ms rtt min/avg/max/mdev = 20.776/23.022/25.319/1.764 ms </code></pre> <p>continuing...</p> <p>Continued:</p> <p>iptables are off:</p> <pre><code># iptables -L -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination </code></pre> <p>SELinux is off:</p> <pre><code># sestatus SELinux status: disabled </code></pre> <p><strong>smbclient</strong> using a user setup in samba works from the samba server to its local IP and to its external IP. The Windows client gets:</p> <pre><code>Connection to &lt;ip addr&gt; failed (Error NT_STATUS_UNSUCCESSFUL) </code></pre> <p>Samba is running as a daemon/service and netbios-ssn is in listen mode:</p> <pre><code># netstat -a|grep netbios-ssn tcp 0 0 *:netbios-ssn *:* LISTEN </code></pre> <p>Continuing...</p> <p>Continued:</p> <p>We're not restricting connections or using inetd.</p> <p>log.nmbd does not report any problems.</p> <p>nmblookup -B BIGSERVER <strong>SAMBA</strong> works using the server's name</p> <p>nmblookup -B ACLIENT * <strong>fails</strong> on all log files using the windows client name OR the external IP address</p> <p>nmblookup -d 2 `*'. <strong>fails</strong> </p> <p>"If your PC and server aren't on the same subnet, then you will need to use the -B option to set the broadcast address to that of the PC's subnet.</p> <p>This test will probably fail if your subnet mask and broadcast address are not correct. (Refer to test 3 notes above)."</p> <p>Im not sure here, since we're going over the internet do we need these to match and work?</p> <p>smbclient //BIGSERVER/TMP works</p> <p>On the client:</p> <pre><code>Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Users\xxxx&gt;net view \\xxxx (ip addr) System error 53 has occurred. The network path was not found. C:\Users\xxxx&gt; </code></pre> <p>net use has the same problem, even with providing user and passwd.</p> <p>nmblookup -M WORKGROUP returns a local windows machine on the network there, whereas on my test server it returns the client which is local to the test machine. Perhaps there is an issue here with workgroup being on another machine, but how would others connect from other networks if this was the issue?</p> <p>I tried preferred master = yes as well.</p> <p>Page 2 of samba howto next.</p> <p>Update: A new friend said to try nmap to see check the ports:</p> <pre><code># nmap -sS -P0 -sV -O xxxx Starting Nmap 5.51 ( ) at 2012-09-21 11:09 EDT Nmap scan report for xxxx (xxxx) Host is up (0.024s latency). Not shown: 995 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.3 (protocol 2.0) 25/tcp open smtp Postfix smtpd 110/tcp open pop3 Dovecot pop3d 443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS)) 9100/tcp open jetdirect? Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port OS fingerprint not ideal because: Missing a closed TCP port so results incomplete No OS matches for host Service Info: Host: xxxx </code></pre> <p>Since the Samba ports do not show up, I'm thinking the router or ISP is not forwarding/blocking the ports at this point.</p> <p>As for a solution to sharing, I'm trying sshfs with a windows and mac client.</p>
    singulars
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PTQuestion
    1. USCommunity
    1. USapuschak
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POCentOS 6.3 Samba share over internet not working
      1. USapuschak
      1. VTFavorite
    2. VO
      singulars
      1. POCentOS 6.3 Samba share over internet not working
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. POCentOS 6.3 Samba share over internet not working
      1. This table or related slice is empty.
      1. VTUpMod
    1. COIf the test/diagnosis steps here: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/diagnosis.html#id2682941 produced any errors, consider adding them to your post.
      singulars
      1. POCentOS 6.3 Samba share over internet not working
      1. USPerry Horwich
    2. COThanks Perry! I was doing that now, I clicked save edits, and they seem to be missing, I'll have to write them up again...
      singulars
      1. POCentOS 6.3 Samba share over internet not working
      1. USapuschak
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload