Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 9887
  • Last Modified:

samba, ports 139 and 445, windows and error log (write_data: write failure, connection reset by peer,Error writing 5 bytes to client)

Hello,
I'm using a samba server (CentOS 5) with several windows clients (xp and older).
Samba logs a lot of errors, like these:
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/util_sock.c:get_peer_addr(1232)
Nov 20 16:04:06 shoebox smbd[28548]:   getpeername failed. Error was Transport endpoint is not connected
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/access.c:check_access(327)
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/util_sock.c:get_peer_addr(1232)
Nov 20 16:04:06 shoebox smbd[28548]:   Denied connection from  (0.0.0.0)
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/util_sock.c:write_data(562)
Nov 20 16:04:06 shoebox smbd[28548]:   write_data: write failure in writing to client 10.76.66.2. Error Connection reset by peer
Nov 20 16:04:06 shoebox smbd[28548]: [2007/11/20 16:04:06, 0] lib/util_sock.c:send_smb(769)
Nov 20 16:04:06 shoebox smbd[28548]:   Error writing 5 bytes to client. -1. (Connection reset by peer)

Now, from other sources, this seems quite normal. The problem seems to be that WinXP clients try to connect both to port 139 and 445 and then keep open only the session which is answered first and close the other (see e.g. http://ntsecurity.nu/papers/port445/).

There are several solutions, but none seem really good:
- add "ports 139" to smb.conf; problem: clients suppoting cifs (e.g. WinXP+) must revert to netbios over tcp which is less efficient
- add "ports 445" to smb.conf; problem: clients not supporting cifs but only netbios over tcp cannot access the server anymore
- disable netbios over tcp on winxp+ clients; problem: these clients would not be accessible by older clients anymore and furthermore you'd lose other netbios-over-tcp-only functionalities (e.g. netbios messages)

So do you know of any better solution to this?

Strangely the RedHat knowledge base doesn't say anything about this. Strange as any samba server with xp clients (with default config) is going to see these errors. Maybe the RH knowledge base is crippled to promote paying customers...

Anyway, in my opinion the correct solution would be for samba just  NOT to log these errors as it's not really an error but normal (even if arguably good/bad) behavior of WinXP. In fact I consider this a samba bug.

Is it possible to configure samba to consider this normal and not pollute the log file?

Another idea might be to use the firewall: if a client is connecting to port 139 and 445 at the same time, just block port 139. Can this be done with iptables? Has anyone already tried this?
0
lbertacco
Asked:
lbertacco
1 Solution
 
omarfaridCommented:
Hi,

It could be that you have a firewall denying  / reseting the sessions.

0
 
lbertaccoAuthor Commented:
No, there is no firewall blocking anything and anyway this is expected normal behavior from xp clients (to try and open two sessions, then drop one)
0
 
ryranCommented:
I'd love to hear anyone else's thoughts on this topic as well...
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
lbertaccoAuthor Commented:
I entered this as bug 5314 in samba's bugzilla. It still has to receive any activity
0
 
csindiaCommented:
I suddenly have this problem. Access via the IP address works fine though. Any ideas?
0
 
Computer101Commented:
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now