Hall of Fame

1. it4soho64,282
2. fosiul0118,750
3. omarfarid10,450
4. woolmilkp...8,160
5. oklit7,725
6. Uberpappa7,500
7. ravenpl5,000
8. medvedd4,400
8. oocyte4,400
10. LunarNRG4,000
10. dainok4,000
12. noci3,500
13. arnold3,100
14. objects3,000
14. henjoh093,000
14. ai_ja_nai3,000
17. 0ren2,750
17. jar38172,750
19. rionroc2,500
19. rindi2,500
21. lanboyo2,000
21. Johnjces2,000
21. war12,000
21. gheist2,000
21. ibu12,000
21. anoyes2,000
21. cs97jjm32,000
21. demazter2,000
21. Mysidia2,000
21. Roachy1...2,000
21. LauraEHu...2,000
21. Nopius2,000
21. aktharcho...2,000
21. willettmei...2,000
21. techzter2,000
21. fmarzocca2,000
21. sckirklan2,000
21. MYCU2,000
21. Multipath2,000
21. arunraju2,000
21. thetmanvn2,000
21. technious2,000
21. dabblerwiz2,000
21. random_ru2,000
21. OliverRah...2,000
21. MiLLeNNiuM2,000
21. andre232,000

1. it4soho64,282
2. omarfarid27,430
3. fosiul0119,500
4. woolmilkp...18,160
5. Nopius15,920
6. noci15,750
7. ravenpl12,360
8. Redimido8,664
9. PeturIngiE...8,580
10. rindi7,800
11. oklit7,725
12. KeremE7,700
13. Uberpappa7,500
14. ygoutham7,300
15. natoka6,750
16. henjoh095,500
17. elf_bin5,300
18. ricardoelena5,000
19. ibu14,750
19. nabeelmoidu4,750
21. shakoush...4,600
22. ChiefIT4,500
23. LunarNRG4,480
24. medvedd4,400
24. oocyte4,400

	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

Question

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

7.6

samba, ports 139 and 445, windows and error log (write_data: write failure, connection reset by peer,Error writing 5 bytes to client)

Asked by lbertacco in Samba File Server, Linux Administration, Linux Network Security

Tags: failure, write, samba, client, error

Hello,
I'm using a samba server (CentOS 5) with several windows clients (xp and older).
Samba logs a lot of errors, like these:
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/util_sock.c:get_peer_addr(1232)
Nov 20 16:04:06 shoebox smbd[28548]: getpeername failed. Error was Transport endpoint is not connected
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/access.c:check_access(327)
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/util_sock.c:get_peer_addr(1232)
Nov 20 16:04:06 shoebox smbd[28548]: Denied connection from (0.0.0.0)
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/util_sock.c:write_data(562)
Nov 20 16:04:06 shoebox smbd[28548]: write_data: write failure in writing to client 10.76.66.2. Error Connection reset by peer
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/util_sock.c:send_smb(769)
Nov 20 16:04:06 shoebox smbd[28548]: Error writing 5 bytes to client. -1. (Connection reset by peer)

Now, from other sources, this seems quite normal. The problem seems to be that WinXP clients try to connect both to port 139 and 445 and then keep open only the session which is answered first and close the other (see e.g. http://ntsecurity.nu/papers/port445/).

There are several solutions, but none seem really good:
- add "ports 139" to smb.conf; problem: clients suppoting cifs (e.g. WinXP+) must revert to netbios over tcp which is less efficient
- add "ports 445" to smb.conf; problem: clients not supporting cifs but only netbios over tcp cannot access the server anymore
- disable netbios over tcp on winxp+ clients; problem: these clients would not be accessible by older clients anymore and furthermore you'd lose other netbios-over-tcp-only functionalities (e.g. netbios messages)

So do you know of any better solution to this?

Strangely the RedHat knowledge base doesn't say anything about this. Strange as any samba server with xp clients (with default config) is going to see these errors. Maybe the RH knowledge base is crippled to promote paying customers...

Anyway, in my opinion the correct solution would be for samba just NOT to log these errors as it's not really an error but normal (even if arguably good/bad) behavior of WinXP. In fact I consider this a samba bug.

Is it possible to configure samba to consider this normal and not pollute the log file?

Another idea might be to use the firewall: if a client is connecting to port 139 and 445 at the same time, just block port 139. Can this be done with iptables? Has anyone already tried this?

Get your answer NOW

20091111-EE-VQP-89 / EE_QW_2_20070628

samba, ports 139 and 445, windows and error log (write_data: write failure, connection reset by peer,Error writing 5 bytes to client)

Asked by lbertacco in Samba File Server, Linux Administration, Linux Network Security

Tags: failure, write, samba, client, error

About this solution