?
Solved

Disable Netbios Broadcasts on FreeBSD 7

Posted on 2012-09-07
4
Medium Priority
?
792 Views
Last Modified: 2016-02-11
goal: disable netbios broadcasts from port 137/138 w/o stopping samba/nmbd:



i tried:




vi /usr/local/etc/smb.conf

added line:

disable netbios = yes

to global parameters

restarted samba

/usr/local/etc/rc.d/samba restart

seems to have processed the parameters according to:

/var/log/samba/log.smbd




to no avail.




could this be accomplished via iptables? or how can this be accomplished?

thanks, in advance.
0
Comment
Question by:2newbie
  • 2
4 Comments
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38378722
This page says that Samba itself isn't doing the broadcasts.
http://en.wikipedia.org/wiki/Server_Message_Block
0
 

Author Comment

by:2newbie
ID: 38395105
Follow up Question or to rephrase the question:

How would I block outbound udp\tcp netbios broadcasts on ports 137 and 139 via ipfw [freebsd] w/o effecting samba?

I already tried disabling netbios via smb.conf - to no avail.

albeit, /var/log/samba/log.smbd showed it processed the new parameter.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38396098
You have to find the service that is doing it.  The article I linked says Samba doesn't use netbios broadcasts.
0
 
LVL 27

Accepted Solution

by:
skullnobrains earned 1000 total points
ID: 38401620
iptables is linux-specific

freebsd features ipf, pf, ipfw firewalls natively

"block out from any to any port = 137" should do the trick in any of them, obviously doing the same for port 138

in order to activate a firewall, please refer to the handbook : you will find a clear and simple 2 or 3 steps tuto and valuable information that can be read within minutes.

---

then i also believe determining what produces these broadcasts would be more interesting

the only 2 softwares i can think about that are likely to do so would be samba (but i also kinda recollect it should not use broadcasts) and possibly ZFS if you activated the builtin SMB/CIFS shares

to map network connections to processes, you can use sockstat (builtin) or install lsof, and possibly also get some information using netstat as root. these may also work for udp, depending on the flags used (mainly SO_REUSE) and the fact that a bind() call was made on the socket

---

how the hell did you determine that your freeebsd machine was sending broadcasts ?
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Suggested Courses
Course of the Month16 days, 14 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question