Differences

This shows you the differences between two versions of the page.

doc:howto:cifs.server [2012/11/04 20:33]
guru4hp
doc:howto:cifs.server [2014/02/03 08:10] (current)
nilfred New script version
Line 1: Line 1:
====== Samba ====== ====== Samba ======
-Samba is a FOSS re-implementation of [[wp>Server Message Block|SMB/CIFS]]. As of version 3, Samba provides file and print services over network which can be accessed by Windows, Unix and MacOS X clients. Alternatives are [[nfs.server|NFS]] and [[sshfs.server|SSHFS]].+Samba is a free and open-source implementation of [[wp>Server Message Block|SMB/CIFS]]. As of version 3, Samba provides file and print services over network which can be accessed by Windows, Unix and MacOS X clients. Alternatives are [[nfs.server|NFS]] and [[sshfs.server|SSHFS]].
===== Preparations ===== ===== Preparations =====
Line 46: Line 46:
<code>/etc/init.d/samba restart</code> <code>/etc/init.d/samba restart</code>
-**''Info:''** When samba is restarted that way, the file ''/etc/samba/smb.conf'' is created/recreated conform to the uci configuration file, and the new settings will take effect.+**''Info:''** When samba is restarted that way, the file ''/etc/samba/smb.conf'' is created/recreated conform to the uci configuration file and ''/etc/samba/smb.conf.template'', and the new settings will take effect.
 +Create samba users by adding them to /etc/passwd and /etc/group then using ''smbpasswd'' to set passwords and add to samba. Setup shared directories permissions according to your needs using ''chown'' and ''chmod''. Any unknown usernames used for authentication against samba are mapped to a guest login silently by default.
==== Custom configuration surpassing the UCI configuration ==== ==== Custom configuration surpassing the UCI configuration ====
Line 137: Line 138:
Since [[doc:howto:netfilter]] will track every connection, if you use MASQUERADING for example, you should disable con-tracking for data connections. The basic idea looks likes this, you must adapt this to your firewall setting. Since [[doc:howto:netfilter]] will track every connection, if you use MASQUERADING for example, you should disable con-tracking for data connections. The basic idea looks likes this, you must adapt this to your firewall setting.
<code bash> <code bash>
-$IPT -t raw -A OUTPUT -o $IF_LAN -s $IP_LAN -p tcp --sport 139 -j NOTRACK #------------------ don't track SMB +$IPT -t raw -A OUTPUT -o $IF_LAN -s $IP_LAN -p tcp --sport 139 -j CT --notrack #------------------ don't track SMB 
-$IPT -t raw -A OUTPUT -o $IF_LAN -s $IP_LAN -p tcp --sport 445 -j NOTRACK #------------------ don't track SMB +$IPT -t raw -A OUTPUT -o $IF_LAN -s $IP_LAN -p tcp --sport 445 -j CT --notrack #------------------ don't track SMB 
-$IPT -t raw -A PREROUTING -o $IF_LAN -s $IP_LAN -p tcp --dport 139 -j NOTRACK #------------------ don't track SMB +$IPT -t raw -A PREROUTING -o $IF_LAN -s $IP_LAN -p tcp --dport 139 -j CT --notrack #------------------ don't track SMB 
-$IPT -t raw -A PREROUTING -o $IF_LAN -s $IP_LAN -p tcp --dport 445 -j NOTRACK #------------------ don't track SMB+$IPT -t raw -A PREROUTING -o $IF_LAN -s $IP_LAN -p tcp --dport 445 -j CT --notrack #------------------ don't track SMB
</code> </code>
Line 180: Line 181:
===== Notes ===== ===== Notes =====
  * [[https://forum.openwrt.org/viewtopic.php?pid=140976#p140976|Samba user administration script]]   * [[https://forum.openwrt.org/viewtopic.php?pid=140976#p140976|Samba user administration script]]
 +  * [[https://forum.openwrt.org/viewtopic.php?id=33510|Storage Administration Tool]]

Back to top

doc/howto/cifs.server.1352057622.txt.bz2 · Last modified: 2012/11/04 20:33 by guru4hp